672cf656d5479d850b8c5c8b95ea1b68_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

672cf656d5479d850b8c5c8b95ea1b68_JaffaCakes118
Size

360KB
MD5

672cf656d5479d850b8c5c8b95ea1b68
SHA1

4a26c009e3563643a849fa0a15d0d761ea6d098a
SHA256

40cf3360b607b4777457a57c85313d0a6bcb56d1b75a00aa808c131286196215
SHA512

a2896ee4e5771c9ab9b78d2990be70e72dd21c1cbdbd13abdca162c2e796734e80f7b78f2792eecb203d4726fbe9948f9dbb2aa27b2a86e73a8a90903a5d3cc4
SSDEEP

6144:z1c67wQlDTR58znyWGqoS5JD6Yvm1wZyUb6b/1BcwLq1lwMPJ41l6Xc4G7Hmx:z1c67wQlX8uWtoSrD6YeYTb6bNpz1l6d

Score

1^/10

Malware Config

Signatures

Files

672cf656d5479d850b8c5c8b95ea1b68_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f0760c569f0d8bc52a44a8363a43ab51

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

01/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

67:24:34:0d:db:c7:25:2f:7f:b7:14:b8:12:a5:c0:4d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

27/11/2009, 00:00

Not After

27/11/2011, 23:59

Subject

CN=YNK JAPAN Inc,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=YNK JAPAN Inc,L=\ Nihonbashi Kodenmachou10-6,ST=Chuo-ku,C=JP

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9f:63:00:01:00:02:1f:a8:dc:56:b5:ea:e7:2c
Certificate

Issuer

CN=TC TrustCenter Class 2-II L1 CA IV,OU=TC TrustCenter Class 2-II L1 CA,O=TC TrustCenter GmbH,C=DE

Not Before

17/06/2009, 15:22

Not After

31/12/2025, 19:59

Subject

CN=TC TrustCenter Authenticode Timestamp II,OU=Timestamp,O=TC TrustCenter,L=Hamburg,ST=Hamburg,C=DE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
LockResource
CreateFileA
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
GetFileAttributesA
FindClose
FindFirstFileA
lstrcpyA
GetSystemDirectoryA
MoveFileExA
DeleteFileA
MoveFileA
GetTempPathA
ExitProcess
CreateMutexA
GetStringTypeA
LCMapStringW
lstrcatA
GetFileSize
GetTickCount
VirtualFree
WriteFile
SizeofResource
FreeLibrary
LoadLibraryA
CloseHandle
GetProcAddress
GetCurrentProcess
GetLastError
GetWindowsDirectoryA
LCMapStringA
MultiByteToWideChar
HeapReAlloc
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapFree
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
GetStringTypeW

user32

wsprintfA

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0760c569f0d8bc52a44a8363a43ab51

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bfCertificate

67:24:34:0d:db:c7:25:2f:7f:b7:14:b8:12:a5:c0:4dCertificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

9f:63:00:01:00:02:1f:a8:dc:56:b5:ea:e7:2cCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 300KB - Virtual size: 299KB

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

67:24:34:0d:db:c7:25:2f:7f:b7:14:b8:12:a5:c0:4d
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

9f:63:00:01:00:02:1f:a8:dc:56:b5:ea:e7:2c
Certificate

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 300KB - Virtual size: 299KB