01ed9af6d644ba9d68903c42b697374c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

01ed9af6d644ba9d68903c42b697374c_JaffaCakes118
Size

2.7MB
MD5

01ed9af6d644ba9d68903c42b697374c
SHA1

4314788e9a1d75f8b05aa3c4b480f2bb2d3862d5
SHA256

30ae6193a070fbb3beb02f2f1d213785b537868540a8e619f132c189c148526b
SHA512

bb2c2b10ce8b87bc4f1d5dbf1038b23c2f6c5dd6d5ad0d1ff5c92848fd53e2d137ebe6d181c2ddefef7583734f80874202bdf80b70e27179082df0984777d5de
SSDEEP

49152:uoCOJCoGV2qEKpKKcr6jYEK3Mv1nLAM07pHTMV04Tl+IYVhSSq+QlLQRjYNUdC0M:bCOARplTcTMpKHTF4lYrSvjGhFrM

Score

1^/10

Malware Config

Signatures

Files

01ed9af6d644ba9d68903c42b697374c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

48:1a:95:8d:09:72:2a:95:d8:f6:6c:b6:ef:9d:83:38
Certificate

Issuer

CN=Log File,O=Log File inc.

Not Before

15/05/2015, 20:25

Not After

15/05/2023, 20:25

Subject

CN=Log File,O=Log File inc.

af:c9:92:7e:f5:7b:84:29:c5:57:e3:7d:97:7d:f7:7c
Certificate

Issuer

CN=Log File,O=Log File inc.

Not Before

15/05/2015, 20:25

Not After

15/05/2023, 20:25

Subject

CN=Log File,O=Log File inc.,L=USA,C=KL

Extended Key Usages

ExtKeyUsageTimeStamping
ExtKeyUsageServerAuth
ExtKeyUsageIPSECEndSystem
ExtKeyUsageClientAuth
ExtKeyUsageIPSECUser
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection

Key Usages

KeyUsageContentCommitment
KeyUsageKeyEncipherment
KeyUsageDataEncipherment

9f:ea:c8:11:b0:f1:62:47:a5:fc:20:d8:05:23:ac:e6
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

05/05/2015, 00:00

Not After

31/12/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c0:44:05:7c:db:b3:57:a5:c7:70:46:08:30:5c:c5:44:c3:a2:f2:5f
Signer

Actual PE Digest

c0:44:05:7c:db:b3:57:a5:c7:70:46:08:30:5c:c5:44:c3:a2:f2:5f

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\SSD\C#\Wor -1 - 2015-05-14\NeD Worm Version 1 (2015-05-15)\obj\x86\Debug\log file.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

48:1a:95:8d:09:72:2a:95:d8:f6:6c:b6:ef:9d:83:38Certificate

af:c9:92:7e:f5:7b:84:29:c5:57:e3:7d:97:7d:f7:7cCertificate

Extended Key Usages

Key Usages

9f:ea:c8:11:b0:f1:62:47:a5:fc:20:d8:05:23:ac:e6Certificate

Extended Key Usages

Key Usages

c0:44:05:7c:db:b3:57:a5:c7:70:46:08:30:5c:c5:44:c3:a2:f2:5fSigner

Headers

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 18KB - Virtual size: 18KB

.reloc Size: 512B - Virtual size: 12B

.rsrc Size: 33KB - Virtual size: 33KB

48:1a:95:8d:09:72:2a:95:d8:f6:6c:b6:ef:9d:83:38
Certificate

af:c9:92:7e:f5:7b:84:29:c5:57:e3:7d:97:7d:f7:7c
Certificate

9f:ea:c8:11:b0:f1:62:47:a5:fc:20:d8:05:23:ac:e6
Certificate

c0:44:05:7c:db:b3:57:a5:c7:70:46:08:30:5c:c5:44:c3:a2:f2:5f
Signer

.text
Size: 18KB - Virtual size: 18KB

.reloc
Size: 512B - Virtual size: 12B

.rsrc
Size: 33KB - Virtual size: 33KB