5c77c969b2ff7aa946cb5519f131718e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5c77c969b2ff7aa946cb5519f131718e_JaffaCakes118
Size

566KB
MD5

5c77c969b2ff7aa946cb5519f131718e
SHA1

8bcbefbefcf09364d259b35e6d0b77ec16ec739c
SHA256

6c362070d1645fa23298946eeab867f7de38df488aa324ee81c1ff3044e1fbee
SHA512

eff5a94d3aec1aae3facf0b0f05425374e2ef00e06885516c8dc6bf242e50da746a1b5326e412db6d71f94b6eff319d52a084d074918287b0196d13870947fce
SSDEEP

12288:BQknU/Gde65jM0OPOojhEYpLlK8ApbGzs/oMn7hQKvTKPqPI4YI5muD7EUxeXYd1:BrnjH8WozxTAQnM7hjTyKI4D5Pv1xeXO

Score

1^/10

Malware Config

Signatures

Files

5c77c969b2ff7aa946cb5519f131718e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8028f65bd0c48ae25d5f73d912a1534d

Code Sign

04:00:00:00:00:01:20:19:c1:90:66
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

18/03/2009, 11:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA,OU=Timestamping CA,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

13/04/2019, 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:00:00:00:00:01:25:b0:b4:cc:01
Certificate

Issuer

CN=GlobalSign Timestamping CA,OU=Timestamping CA,O=GlobalSign

Not Before

21/12/2009, 09:32

Not After

22/12/2020, 09:32

Subject

CN=GlobalSign Time Stamping Authority,O=GlobalSign NV,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:21:32:32:f5:64:e8:bf:ca:bc:79:0c:72:12:da:5f:14:a8
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

26/07/2011, 08:09

Not After

26/07/2012, 08:09

Subject

CN=Trinityworks Inc.,O=Trinityworks Inc.,L=Yokohama,ST=Kanagawa,C=JP,1.2.840.113549.1.9.1=#0c1b436f64655369676e407472696e697479776f726b732e636f2e6a70

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

66:13:c1:e4:07:08:e3:88:28:9c:c9:03:8a:5b:16:45:81:a7:bb:30
Signer

Actual PE Digest

66:13:c1:e4:07:08:e3:88:28:9c:c9:03:8a:5b:16:45:81:a7:bb:30

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
CreateFileA
LocalFree
lstrcmpA
GetFileAttributesA
GetVolumeInformationA
_lopen
GetModuleFileNameA
GetVersionExA
FileTimeToSystemTime
_llseek
lstrcpynA
GetSystemDirectoryA
SearchPathA
GetEnvironmentVariableA
GetWindowsDirectoryA
lstrcatA
GetCurrentDirectoryA
_lclose
CloseHandle
lstrcpyA
lstrlenA
CreateDirectoryA
IsDBCSLeadByte
_lread
WriteFile
LocalAlloc
DeleteFileA
GetStartupInfoA
GetModuleHandleA

user32

SetFocus
GetDlgItemTextA
PostMessageA
KillTimer
SendDlgItemMessageA
EndDialog
DialogBoxParamA
MoveWindow
LoadIconA
SetTimer
IsIconic
GetWindowRect
SetWindowTextA
GetSystemMetrics
DestroyIcon
BeginPaint
DrawIcon
EnableWindow
SetDlgItemTextA
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
wsprintfA
CharPrevA
GetDlgItem
EndPaint
SendMessageA

gdi32

SetMapMode
GetMapMode

comdlg32

GetOpenFileNameA
GetFileTitleA

shell32

ShellExecuteA

crtdll

_global_unwind2
_local_unwind2
memset
_strnicmp
exit
strchr
strrchr
atoi
_fmode_dll
_exit
_XcptFilter
_acmdln_dll
_initterm
__GetMainArgs
_commode_dll

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 149B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 726B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8028f65bd0c48ae25d5f73d912a1534d

Code Sign

04:00:00:00:00:01:20:19:c1:90:66Certificate

Key Usages

04:00:00:00:00:01:2f:4e:e1:35:5cCertificate

Extended Key Usages

Key Usages

01:00:00:00:00:01:25:b0:b4:cc:01Certificate

Extended Key Usages

Key Usages

11:21:32:32:f5:64:e8:bf:ca:bc:79:0c:72:12:da:5f:14:a8Certificate

Extended Key Usages

Key Usages

66:13:c1:e4:07:08:e3:88:28:9c:c9:03:8a:5b:16:45:81:a7:bb:30Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

crtdll

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 512B - Virtual size: 149B

.data Size: 1024B - Virtual size: 726B

.idata Size: 2KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 8B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

04:00:00:00:00:01:20:19:c1:90:66
Certificate

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

01:00:00:00:00:01:25:b0:b4:cc:01
Certificate

11:21:32:32:f5:64:e8:bf:ca:bc:79:0c:72:12:da:5f:14:a8
Certificate

66:13:c1:e4:07:08:e3:88:28:9c:c9:03:8a:5b:16:45:81:a7:bb:30
Signer

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 512B - Virtual size: 149B

.data
Size: 1024B - Virtual size: 726B

.idata
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB