4d9015d135263179c2329a7288815b42_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4d9015d135263179c2329a7288815b42_JaffaCakes118
Size

1.0MB
MD5

4d9015d135263179c2329a7288815b42
SHA1

34d8fcb6cc8212d7f3bfdff548db47ab20fbbadb
SHA256

c8537a88fffe4a9579f65f9e0cf0e8c3e64591196e60e89be38596165d4ec0ff
SHA512

04ba77e75570f75e2d800739d633ee6e9a4c4db1c2f587e9943ec971154143012bd853d1fc13ddfc90016d20deec3f4ca5be01f0d3ffa9a08dff1e647fc1d900
SSDEEP

24576:5zHI6pMIU+sSfhDjSRgwNYCD5TdINA2NFNq+W9nLp9IU3C3Jc:9HIaMIU+sxRgwPXgG+ULp9f3Cu

Score

1^/10

Malware Config

Signatures

Files

4d9015d135263179c2329a7288815b42_JaffaCakes118
.zip
B9CE229E.EXE
.exe windows:4 windows x86 arch:x86

8db1c0c982d36429eaefc0e2789a55a4

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6c:7f:a9:44:73:ce:8e:e3:a3:d2:fb:3a:6f:0c:01:a7
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

07/09/2006, 00:00

Not After

13/09/2007, 23:59

Subject

CN=Bit Wise Publishing\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=ScenicReflections.com,O=Bit Wise Publishing\, LLC,L=Gainesville,ST=Georgia,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\dev\bNetworks\Projects\Sources\JoinerEx\Source\Starter\Release\Starter.pdb

Imports

kernel32

CreateFileA
LockResource
SizeofResource
LoadResource
FindResourceA
GetTempPathA
GetModuleHandleA
WaitForMultipleObjects
WaitForSingleObject
CreateProcessA
ExitProcess
LoadLibraryA
MultiByteToWideChar
SetStdHandle
GetSystemInfo
VirtualProtect
IsBadCodePtr
SetUnhandledExceptionFilter
SetFilePointer
GetStringTypeW
GetSystemDirectoryA
LCMapStringW
LCMapStringA
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapSize
GetCurrentProcess
TerminateProcess
GetProcAddress
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
VirtualQuery
GetModuleFileNameA
CreateDirectoryA
WriteFile
CloseHandle
InterlockedExchange
DeleteCriticalSection
InitializeCriticalSection
GetVersionExA
GetLocaleInfoA
GetACP
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
HeapFree
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapAlloc
GetOEMCP
GetCPInfo
FlushFileBuffers

user32

IsDlgButtonChecked
MessageBoxA
GetDlgItemTextA
DialogBoxParamA
GetWindowRect
InvalidateRect
GetWindowTextA
GetClientRect
BeginPaint
IsWindowEnabled
GetSysColor
DrawTextA
SetWindowPos
EndPaint
GetWindowLongA
SetWindowLongA
CallWindowProcA
GetDlgCtrlID
GetParent
LoadCursorA
SetCursor
GetSystemMetrics
LoadImageA
SendMessageA
SetWindowTextA
SendDlgItemMessageA
GetDlgItem
ShowWindow
CheckDlgButton
SetDlgItemTextA
EndDialog

gdi32

GetObjectA
CreateFontIndirectA
SelectObject
SetTextColor
DeleteObject
GetStockObject
SetBkMode

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey

shell32

SHGetSpecialFolderPathA
ShellExecuteA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8db1c0c982d36429eaefc0e2789a55a4

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

6c:7f:a9:44:73:ce:8e:e3:a3:d2:fb:3a:6f:0c:01:a7Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

6c:7f:a9:44:73:ce:8e:e3:a3:d2:fb:3a:6f:0c:01:a7
Certificate

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB