61474ce73dac7aa714a22ae059ba782f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

61474ce73dac7aa714a22ae059ba782f_JaffaCakes118
Size

404KB
MD5

61474ce73dac7aa714a22ae059ba782f
SHA1

0cdf8534d5fa6642a511d7c02fa911d46c85684c
SHA256

ca2b1faf1c7128cf1f4c732f919f391daa78120d728abb0f2b54bbdaf0fc0bfa
SHA512

fdbb32f47dbc90c12a96d4524640d371607d7da4925a79867203d7db37f2f3ad3f1a25e127c9523d9b1da6921aa440f8b39677daed178733383f7fae889817b4
SSDEEP

6144:HI9hzrcjW1uvbOMseWUlYTQQnSH2WsYCLiExaEnwxPNDnY5NhU4:ohzwjWUbOfeWUK7NmExKPNDnYxU4

Score

1^/10

Malware Config

Signatures

Files

61474ce73dac7aa714a22ae059ba782f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a20266f2100aa25045bfd3f3d94719b

Code Sign

71:67:ae:cf:21:46:32:9b:48:28:e7:a8:55:51:cd:02
Certificate

Issuer

CN=CG13AE13H1B3DBFC1EDGAGCBFC2H131EC33C313321F31ECEDAGDBGD12DB3E313HDHBADF1HABHCAD2C2AF2EE2ACCHHA3FF3HDAF331HA32GBG2CBFABBAGHGBBFEFGADB1G3BG33DHCCD2EAEDCA1CD32BGBCCAGAHEAHDC2HEA3AB2DEA3HDBC23A3A32HHB3G2233GA1F3D2EDBDA1BHEA1G3B2FG12GCCAC2CC32H1F2G23BBEFBCCG1G3A1D3ECGD21FCB3132CEA2ECBH2CGGBFBADBGAB2H3H1FBF3B2HHGCG3ECBGE2C3EAE3F1AHC2H121FH12FF1GDBA11F2EDADBE1H213HBC2GF3H3FB2F1HE3AFECB3B1F3CGA1F22H2EEDH2GCA1HE12CFGGHFCCG1DACDAGCHCDHHFHDGAB2AADF2GBF31BDG3D2AHCH322AA1ABBCH2HBAHAGG13AAGGBAAEBE3GB2B1EA13FGGA3CGFE3E2CA31HEAGFFBFCGCACEBDF1BHFEE2CHDGHE2H1HFDH1G3E2GGAGGHBECGH1GA12213DEGC3CAHF3E21B31EHGA3CFHG32F1F1D11CFDEHG1AECHFCDBDHCGH1F1FHB3CECHDECGEBEGBHFHDAHDE2DFEGBEGGBHADC22A31AHD2GBD3HA1AGCFGDG1D1BDEF113FDFFBDFFBH3D2B1HF2FABAHCA3CBBHD1FFDGB2AC3FA2FBGC3CFGBB2AEH1BBFG1F3FEEHBGCA2CDDDHE2BAGFGCDDFCGGBEECEHAGADF1BCH2BACC13FEBCH3DFB1FAEBCE2EA11DBD1FC3EDCCG31GD13FFFE32FEDFEEDAF1CHEGD2323DH2GGBDD3AGDGEACDGEC2CDB3HHHAEF1A2HEAHCBHCHBFB2FHGFH2H1GCBFFG2F23GGCGA12FGFFA3A3FHA2BAFG12EDE22G1EAACAGHCC2D1EBHFHEG 5555555555555ffggfgfgfgfgfggfggffg

Not Before

29/11/2012, 06:21

Not After

31/12/2039, 23:59

Subject

CN=CG13AE13H1B3DBFC1EDGAGCBFC2H131EC33C313321F31ECEDAGDBGD12DB3E313HDHBADF1HABHCAD2C2AF2EE2ACCHHA3FF3HDAF331HA32GBG2CBFABBAGHGBBFEFGADB1G3BG33DHCCD2EAEDCA1CD32BGBCCAGAHEAHDC2HEA3AB2DEA3HDBC23A3A32HHB3G2233GA1F3D2EDBDA1BHEA1G3B2FG12GCCAC2CC32H1F2G23BBEFBCCG1G3A1D3ECGD21FCB3132CEA2ECBH2CGGBFBADBGAB2H3H1FBF3B2HHGCG3ECBGE2C3EAE3F1AHC2H121FH12FF1GDBA11F2EDADBE1H213HBC2GF3H3FB2F1HE3AFECB3B1F3CGA1F22H2EEDH2GCA1HE12CFGGHFCCG1DACDAGCHCDHHFHDGAB2AADF2GBF31BDG3D2AHCH322AA1ABBCH2HBAHAGG13AAGGBAAEBE3GB2B1EA13FGGA3CGFE3E2CA31HEAGFFBFCGCACEBDF1BHFEE2CHDGHE2H1HFDH1G3E2GGAGGHBECGH1GA12213DEGC3CAHF3E21B31EHGA3CFHG32F1F1D11CFDEHG1AECHFCDBDHCGH1F1FHB3CECHDECGEBEGBHFHDAHDE2DFEGBEGGBHADC22A31AHD2GBD3HA1AGCFGDG1D1BDEF113FDFFBDFFBH3D2B1HF2FABAHCA3CBBHD1FFDGB2AC3FA2FBGC3CFGBB2AEH1BBFG1F3FEEHBGCA2CDDDHE2BAGFGCDDFCGGBEECEHAGADF1BCH2BACC13FEBCH3DFB1FAEBCE2EA11DBD1FC3EDCCG31GD13FFFE32FEDFEEDAF1CHEGD2323DH2GGBDD3AGDGEACDGEC2CDB3HHHAEF1A2HEAHCBHCHBFB2FHGFH2H1GCBFFG2F23GGCGA12FGFFA3A3FHA2BAFG12EDE22G1EAACAGHCC2D1EBHFHEG 5555555555555ffggfgfgfgfgfggfggffg

Extended Key Usages

ExtKeyUsageCodeSigning

60:77:35:cc:05:29:e4:36:9a:34:a2:bd:72:01:59:2e:e0:e1:ab:d8
Signer

Actual PE Digest

60:77:35:cc:05:29:e4:36:9a:34:a2:bd:72:01:59:2e:e0:e1:ab:d8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VerSetConditionMask
VerifyVersionInfoW
GetModuleHandleA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetTimeFormatW
WideCharToMultiByte
OpenProcess
GetStdHandle
GetConsoleScreenBufferInfo
CloseHandle
GetLogicalDrives
GetDriveTypeW
GetVolumeInformationW
lstrcpynW
FindFirstFileW
FindClose
SetConsoleCursorPosition
WriteConsoleW
LocalFree
FormatMessageW
ReadConsoleW
ReadFile
SetConsoleMode
GetConsoleMode
FileTimeToSystemTime
GetComputerNameExW
GetCurrentProcess
QueryPerformanceCounter
lstrlenW
lstrcpyW
SetLastError
lstrcmpW
lstrcatW
lstrcmpiW
GetLastError
CompareStringW
FreeLibrary
LoadLibraryW
GetSystemDirectoryW
GetComputerNameW
MultiByteToWideChar
VirtualQuery
VirtualAlloc
VirtualFree

user32

RegisterClassExA
CreateWindowExA
SetTimer
MessageBoxA
ShowWindow
UpdateWindow
TranslateMessage
MessageBeep
InvalidateRect
BeginPaint
GetClientRect
FillRect
EndPaint
KillTimer
PostQuitMessage
DefWindowProcA
LoadIconA
GetDesktopWindow
PostMessageW
LoadIconW
SetForegroundWindow
ReleaseDC
GetDC
SendMessageW
EnableWindow

gdi32

CreateSolidBrush
DeleteObject
GetStockObject
GetDeviceCaps
GetObjectA
CreateFontIndirectA

advapi32

RegOpenKeyExW

comctl32

CreatePropertySheetPageA
DestroyPropertySheetPage
PropertySheetA

version

GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a20266f2100aa25045bfd3f3d94719b

Code Sign

71:67:ae:cf:21:46:32:9b:48:28:e7:a8:55:51:cd:02Certificate

Extended Key Usages

60:77:35:cc:05:29:e4:36:9a:34:a2:bd:72:01:59:2e:e0:e1:ab:d8Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

version

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 282KB - Virtual size: 281KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 104KB - Virtual size: 103KB

.reloc Size: 512B - Virtual size: 508B

71:67:ae:cf:21:46:32:9b:48:28:e7:a8:55:51:cd:02
Certificate

60:77:35:cc:05:29:e4:36:9a:34:a2:bd:72:01:59:2e:e0:e1:ab:d8
Signer

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 282KB - Virtual size: 281KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 104KB - Virtual size: 103KB

.reloc
Size: 512B - Virtual size: 508B