6245a71ca4620fbeffff18eceaefd2b4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6245a71ca4620fbeffff18eceaefd2b4_JaffaCakes118
Size

238KB
MD5

6245a71ca4620fbeffff18eceaefd2b4
SHA1

815bf0c8dd7cb4666abbf990bd2e8678dd0945c3
SHA256

1bed703a2ce186ba602af86c99d04d69cad6a5015f6d4771f8d1e4c5f67d64ed
SHA512

62158a29ba6b74c0b00bbdde099e3bb9ee38ef25202a8e15cbea172dddb8f7098c2da2a756d0bd58537ec1764acd2a3eb13dcfc09dd40a0751a057a578a755a9
SSDEEP

6144:1/axU+UgxKnBN34bDkndajGBsxTHQR3+Wmj+kF:1CkOKBN34f+qRVHQRuWmj+kF

Score

1^/10

Malware Config

Signatures

Files

6245a71ca4620fbeffff18eceaefd2b4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa219a5d3c3e0943e8e1d8e1e8cfd712

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:0f:11:f1:24:a7:3b:de:cc:41:25:98:45:a8:a7:73
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

09/04/2010, 00:00

Not After

09/04/2011, 23:59

Subject

CN=TrustPort,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=TrustPort,L=Brno,ST=Morava,C=CZ

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dd:18:1f:90:85:f9:81:ca:54:95:b5:0a:3a:97:35:31:32:8a:cd:4a
Signer

Actual PE Digest

dd:18:1f:90:85:f9:81:ca:54:95:b5:0a:3a:97:35:31:32:8a:cd:4a

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatW
GetAtomNameA
GetSystemDirectoryA
EnumCalendarInfoA
GetModuleFileNameA
FileTimeToSystemTime
GetUserDefaultLangID
GetSystemInfo
GetLogicalDriveStringsW
GetCurrentThreadId
RemoveDirectoryA
CreateEventW
OpenSemaphoreW
ExitProcess
SearchPathW
lstrcmpA
LoadLibraryExA
GetFullPathNameA
LoadLibraryW
GetOEMCP
lstrcpyA
lstrcmpiW
ReplaceFileA
CreateMailslotA
OpenEventA
SetUnhandledExceptionFilter
GlobalFindAtomA
ConnectNamedPipe
GetThreadLocale
GetFileAttributesW
FreeLibrary
GetProcAddress
GetShortPathNameW
BeginUpdateResourceW
GetTempPathA
DuplicateHandle
GetComputerNameA
FatalAppExitW
IsBadStringPtrA
OpenMutexW
SystemTimeToFileTime
CopyFileExW
IsValidCodePage
RaiseException
GetExitCodeThread
GetHandleInformation
CreateMutexA
LocalAlloc
GetExpandedNameW
GetTimeFormatW
SetCurrentDirectoryW
SetComputerNameW
TlsAlloc
CopyFileA
AddAtomA
GetEnvironmentVariableA
CreateEventA
GetWindowsDirectoryW
CreateNamedPipeA
lstrcat
GetModuleHandleA
CreateSemaphoreA
GetModuleHandleW
EnumDateFormatsA
lstrlenW
ExpandEnvironmentStringsW
GetVolumeInformationA
GetTempFileNameA
LoadResource
lstrcatA
CreateSemaphoreW
AddAtomW
LocalFree

user32

CharPrevA
FindWindowA
PeekMessageW
MessageBoxIndirectA
CharLowerA
CreateMenu
IsDlgButtonChecked
EnumClipboardFormats
wsprintfW
LoadCursorW
CheckMenuItem
WinHelpW
GetClassInfoExA
GetSubMenu
LoadImageA
GetCapture
SetParent
IsChild
GetMenuStringW
GetCapture
GetDlgItemTextW
CopyIcon
SetWindowLongW
LoadBitmapA
MoveWindow
SetWindowTextA
GetSystemMetrics
CharNextA
EnableWindow
MonitorFromRect
GetDCEx
LoadBitmapW
CreateAcceleratorTableA
CreateDesktopW
GetMenuStringA
SetMenu
DialogBoxParamW
MessageBeep
GetFocus
GetMenuItemRect
IsIconic
EnumWindows
InvalidateRgn
GetIconInfo
InsertMenuItemW
GetClassInfoA
CreateDialogIndirectParamA
SetActiveWindow
AppendMenuA
IsWindow
TrackPopupMenuEx
RegisterClassA
SetCursor
InsertMenuItemA
LoadMenuIndirectW
TrackPopupMenu
RegisterClassExA
GetSysColorBrush
GetCursorPos
CharUpperA
UpdateLayeredWindow
wvsprintfW
GetForegroundWindow
MessageBoxW
GetScrollPos
CharUpperW
PostQuitMessage
SetCapture
GetCaretPos
GetDlgItemTextA
CreateAcceleratorTableW
GetDlgItemInt
PostMessageW
GetMessageA
ShowWindow
LoadMenuW
OpenClipboard
DialogBoxParamA
DefWindowProcA
CreateDesktopA
mouse_event
DefWindowProcW
UnregisterClassA
CreateDialogParamA
SetFocus
GetDesktopWindow
GetMenuState
ActivateKeyboardLayout
GetActiveWindow
LoadMenuA
GetMenuItemID
LoadImageW
WaitForInputIdle
GetKeyboardType
MonitorFromPoint
OffsetRect
MonitorFromWindow
InsertMenuA
RegisterWindowMessageA
CreateWindowExA
SetDlgItemInt
GetClassInfoW
EndDialog
GetClassInfoExW
CreateDialogParamW
GetActiveWindow
SendDlgItemMessageW
SetDlgItemTextW
RegisterClassW
CreateDialogIndirectParamW
UnregisterClassW
SendDlgItemMessageA
GetMenuItemInfoW
CharNextW
GetKeyboardLayout
GetMessageW
CopyRect
DialogBoxIndirectParamW
PeekMessageA
SendMessageW
EmptyClipboard
InvalidateRect
SetWindowPos
MessageBoxIndirectW
ShowCaret
DestroyIcon
GetMenuItemCount
AdjustWindowRect
ShowCursor
WaitMessage
LoadIconW
FindWindowW
LoadMenuIndirectA
CharLowerW
CreatePopupMenu
GetMenuInfo

gdi32

CreatePatternBrush
UpdateICMRegKeyW
GetMetaFileA
SetMetaFileBitsEx
CreateCompatibleDC
GetStockObject
CreateMetaFileW
GdiGetBatchLimit
CreateMetaFileA
GetTextExtentPointA
CreateFontIndirectA
GetTextExtentPointW
GetEnhMetaFilePixelFormat

shell32

ShellExecuteA
ExtractIconA

comctl32

ImageList_EndDrag
DrawInsert
ImageList_GetDragImage

oleaut32

VarI1FromDec
VarAdd
VarDecFromDisp
VarDateFromUdateEx
VarCyFromStr

opengl32

glEvalMesh2
glReadBuffer
glGetLightfv
wglCopyContext
glMapGrid1f
glRectdv
glMultMatrixf

setupapi

SetupCancelTemporarySourceList

version

GetFileVersionInfoW
GetFileVersionInfoA

wininet

GopherOpenFileW
DeleteUrlCacheGroup
InternetSetCookieW
InternetReadFile
CreateUrlCacheEntryW
FindNextUrlCacheEntryA
IsUrlCacheEntryExpiredA
InternetSetDialState
SetUrlCacheHeaderData
InternetGetCertByURLA
InternetTimeToSystemTimeW

winmm

SendDriverMessage
waveOutSetVolume

printui

bFolderRefresh
RegisterPrintNotify

inetcomm

MimeOleGetCodePageInfo
HrFreeAttachData
HrSaveAttachmentAs
MimeOleGetCodePageCharset
MimeOleFileTimeToInetDate
MimeOleSMimeCapAddSMimeCap
MimeOleSMimeCapInit
MimeOleGenerateMID
MimeOleGetCertsFromThumbprints

Sections

.JHU
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MAxW
Size: 1024B - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.S
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.j
Size: 4KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.p
Size: 5KB - Virtual size: 449KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yxDr
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gIaUE
Size: 2KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Zi
Size: 7KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xRqE
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ujbaf
Size: 11KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EX
Size: 2KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa219a5d3c3e0943e8e1d8e1e8cfd712

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

04:0f:11:f1:24:a7:3b:de:cc:41:25:98:45:a8:a7:73Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

61:0c:12:06:00:00:00:00:00:1bCertificate

Key Usages

dd:18:1f:90:85:f9:81:ca:54:95:b5:0a:3a:97:35:31:32:8a:cd:4aSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

oleaut32

opengl32

setupapi

version

wininet

winmm

printui

inetcomm

Sections

.JHU Size: 2KB - Virtual size: 2KB

.MAxW Size: 1024B - Virtual size: 52KB

.S Size: 88KB - Virtual size: 88KB

.j Size: 4KB - Virtual size: 117KB

.p Size: 5KB - Virtual size: 449KB

.yxDr Size: 11KB - Virtual size: 11KB

.gIaUE Size: 2KB - Virtual size: 295KB

.Zi Size: 7KB - Virtual size: 45KB

.xRqE Size: 88KB - Virtual size: 88KB

.ujbaf Size: 11KB - Virtual size: 203KB

.EX Size: 2KB - Virtual size: 452KB

.rsrc Size: 5KB - Virtual size: 5KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

04:0f:11:f1:24:a7:3b:de:cc:41:25:98:45:a8:a7:73
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

dd:18:1f:90:85:f9:81:ca:54:95:b5:0a:3a:97:35:31:32:8a:cd:4a
Signer

.JHU
Size: 2KB - Virtual size: 2KB

.MAxW
Size: 1024B - Virtual size: 52KB

.S
Size: 88KB - Virtual size: 88KB

.j
Size: 4KB - Virtual size: 117KB

.p
Size: 5KB - Virtual size: 449KB

.yxDr
Size: 11KB - Virtual size: 11KB

.gIaUE
Size: 2KB - Virtual size: 295KB

.Zi
Size: 7KB - Virtual size: 45KB

.xRqE
Size: 88KB - Virtual size: 88KB

.ujbaf
Size: 11KB - Virtual size: 203KB

.EX
Size: 2KB - Virtual size: 452KB

.rsrc
Size: 5KB - Virtual size: 5KB