5aebb834f58f998e72df6d454dd4eb7d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5aebb834f58f998e72df6d454dd4eb7d_JaffaCakes118
Size

1.8MB
MD5

5aebb834f58f998e72df6d454dd4eb7d
SHA1

7704b71ec8e2cfd481bfd22ce0752244f2226eef
SHA256

c9c218e6ea3feaffe18e6149c9e9a42748e7c794b3d8334fd561ac3ec688ec03
SHA512

1e429c12645c02fd15288692ed622b33be332305c08dcf3cf9936890a3e50b0258546e4665bccab9fdd467f7fd39fa33930562de8d6cacd202d775074b2b4ea3
SSDEEP

49152:kHLhq/Fayr2wVFDHPgQKO2dZ0qJQ4zFvIKi16SezkYIQLRmyfZ49NvfE1bCf:4LEMyrBDvfKpPpFdi16S0kYrLrkvfE12

Score

1^/10

Malware Config

Signatures

Files

5aebb834f58f998e72df6d454dd4eb7d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

24babc1e891de79ecf5e3b7adc929c7e

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

01/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

07:9b:1a:f6:0b:fb:eb:d7:4d:d1:1d:dc:fe:25:d1:5b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

24/06/2010, 00:00

Not After

24/06/2011, 23:59

Subject

CN=Duck Play LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Duck Play LLC,L=Plantation,ST=Florida,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndDialog
PostQuitMessage
EndPaint
BeginPaint
DefWindowProcA
DestroyWindow
DialogBoxParamA
UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
LoadStringA
MessageBoxA

kernel32

InterlockedIncrement
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetLocaleInfoA
HeapSize
RtlUnwind
HeapReAlloc
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
GetVolumeInformationW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
GetProcessHeap
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
VirtualProtect
GetCurrentThread
GetThreadTimes
CreateThread
SetThreadPriority
WaitForSingleObject
CloseHandle
CreateFileA
FreeLibrary

advapi32

CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24babc1e891de79ecf5e3b7adc929c7e

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bfCertificate

07:9b:1a:f6:0b:fb:eb:d7:4d:d1:1d:dc:fe:25:d1:5bCertificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

advapi32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 4KB - Virtual size: 4KB

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

07:9b:1a:f6:0b:fb:eb:d7:4d:d1:1d:dc:fe:25:d1:5b
Certificate

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 4KB - Virtual size: 4KB