69028f74cfe7bb17cfe534c50c9408ef_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

69028f74cfe7bb17cfe534c50c9408ef_JaffaCakes118
Size

25KB
MD5

69028f74cfe7bb17cfe534c50c9408ef
SHA1

e3b6ded8c98c87c3470c0704d9fbb14da79fde9a
SHA256

e7aa79acc2196d14c7b693742dd76aee6532222a1b0db5f3c4aafc84e54c0d90
SHA512

0c4b1486383678788c1d27eb9fa9cd8e646e6d860bde620f537f61b41c91af3e2e3d5cb6277e9a2524bf9a0393d9c712f7f0cdf354fec32f4b80d95d7a46298b
SSDEEP

384:LvFCShtfbvbbxLkG60c4X0hjT3nWnjrGYuoe+lPnviqis9QlcffyqGef:jYw3dLsP3CCYX/DisKl4qR

Score

1^/10

Malware Config

Signatures

Files

69028f74cfe7bb17cfe534c50c9408ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ca758680d0453c237edf27a188141714

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

12/12/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2001-4 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

21:0f:c8:b5:67:a8:68:9f:a2:36:fd:5e:26:91:56:22
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2001-4 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Not Before

09/09/2002, 00:00

Not After

22/09/2003, 23:59

Subject

CN=Autodesk\, Inc,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Design Solutions Division,O=Autodesk\, Inc,L=San Rafael,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

U:\global\Release\bin\acad\BrandSn.pdb

Imports

mfc70

ord3522
ord3523
ord3513
ord2461
ord3751
ord4262
ord2352
ord3140
ord512
ord698
ord1014
ord2463
ord2359
ord2651
ord2529
ord4088
ord2648
ord2546
ord2356
ord5322
ord4985
ord5002
ord4349
ord3750
ord2096
ord4998
ord4996
ord2741
ord1770
ord3640
ord5152
ord5933
ord1097
ord4883
ord899
ord3614
ord5339
ord1868
ord1913
ord4107
ord5990
ord3609
ord5992
ord3814
ord3832
ord977
ord3487
ord982
ord957
ord705
ord703
ord1077
ord4042
ord1081

msvcr70

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_XcptFilter
_exit
_onexit
__dllonexit
fopen
fclose
strrchr
strtok
_ismbcspace
_mbsinc
isdigit
atoi
sprintf
__CxxFrameHandler
memmove
_setmbcp
_c_exit

kernel32

GetThreadLocale
GetACP
InterlockedExchange
GetVersionExA
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceA
lstrlenA
LoadLibraryA
CreateProcessA
Sleep
SetFileTime
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileInformationByHandle
CreateFileA
GetModuleHandleA
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA

user32

CharNextA
MessageBoxA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ca758680d0453c237edf27a188141714

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75Certificate

Extended Key Usages

Key Usages

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9dCertificate

Extended Key Usages

Key Usages

21:0f:c8:b5:67:a8:68:9f:a2:36:fd:5e:26:91:56:22Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

PDB Paths

Imports

mfc70

msvcr70

kernel32

user32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 344B

.rsrc Size: 12KB - Virtual size: 12KB

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

21:0f:c8:b5:67:a8:68:9f:a2:36:fd:5e:26:91:56:22
Certificate

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 344B

.rsrc
Size: 12KB - Virtual size: 12KB