81cc585c6dda44cda2e9ef91c238b8ff_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

81cc585c6dda44cda2e9ef91c238b8ff_JaffaCakes118
Size

347KB
MD5

81cc585c6dda44cda2e9ef91c238b8ff
SHA1

be98eeb46e61671e06031cea140661cd3d4db553
SHA256

70d6c8648c5578f98a6080bbc66b8eafdb7ba9b650d7c405af9ff11780146af7
SHA512

d2b1cc14a6b8e7350b564dc09f0bac1375d27f9c6e6cac235c3985123e084044b451f9475f48c20cfd78cb7b13ddcf3c2a200f985831489c1bc95556bb02fd54
SSDEEP

6144:/efdDoDLhnowxc2NDvJQT90jp0jQ9p6c789JZfkoXfNIK+i9SPVsMXy:WRoDLvO2NDzzpd8hfxNIK+i9Vl

Score

1^/10

Malware Config

Signatures

Files

81cc585c6dda44cda2e9ef91c238b8ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56ed6084c5ecd8784553be57502cda76

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

03:01
Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

16/11/2006, 01:54

Not After

16/11/2026, 01:54

Subject

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ae:55:a5:f8:0e:e0
Certificate

Issuer

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

21/05/2009, 18:07

Not After

21/05/2010, 16:58

Subject

CN=AnalogX\, LLC,O=AnalogX\, LLC,L=Tempe,ST=AZ,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:fb:68:a0:f8:ad:2e:dd:d2:cf:d2:7f:83:23:ce:6c:94:16:39:c9
Signer

Actual PE Digest

7b:fb:68:a0:f8:ad:2e:dd:d2:cf:d2:7f:83:23:ce:6c:94:16:39:c9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
SHBrowseForFolderA
ShellExecuteExA
SHGetDesktopFolder

kernel32

FindClose
GetSystemDirectoryA
GetWindowsDirectoryA
GetTempPathA
GetCurrentDirectoryA
MultiByteToWideChar
GetVersionExA
LoadLibraryExA
GetDiskFreeSpaceA
GetExitCodeProcess
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
SetEndOfFile
DeleteFileA
CreateDirectoryA
GetCommandLineA
QueryPerformanceFrequency
LCMapStringA
GetLocaleInfoA
HeapSize
GetCurrentProcessId
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
FreeEnvironmentStringsA
GetFullPathNameA
RaiseException
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
HeapCreate
HeapDestroy
HeapReAlloc
VirtualAlloc
VirtualFree
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetHandleCount
InitializeCriticalSection
DeleteCriticalSection
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetTimeZoneInformation
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
GetProcessHeap
ReadFile
LeaveCriticalSection
EnterCriticalSection
SetStdHandle
GetDriveTypeA
SetEnvironmentVariableA
HeapFree
HeapAlloc
CreateFileA
GetFileType
SetFilePointer
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
FlushFileBuffers
ExitProcess
GetModuleHandleA
GetSystemTimeAsFileTime
AllocConsole
GetStdHandle
SetConsoleTitleA
LocalFree
LocalAlloc
CreateEventA
GetLastError
SetEvent
InterlockedExchange
QueryPerformanceCounter
GetCurrentThreadId
WriteFile
Sleep
LoadLibraryA
GetProcAddress
GetCurrentProcess
FreeLibrary
CloseHandle
CreateMutexA
WaitForSingleObject
ReleaseMutex
LCMapStringW
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
GetEnvironmentStrings

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

user32

PostQuitMessage
LoadIconA
GetSysColorBrush
DestroyIcon
CreateDialogParamA
ShowWindowAsync
DestroyWindow
DialogBoxParamA
SetWindowTextA
EndDialog
GetParent
GetSystemMetrics
GetDesktopWindow
SetWindowPos
GetWindowRect
PeekMessageA
GetMessageA
DispatchMessageA
SetForegroundWindow
EnumWindows
IsWindow
GetClassNameA
GetWindowTextA
ShowWindow
CreateWindowExA
TranslateMessage
GetDlgItemTextA
SetDlgItemTextA
SendDlgItemMessageA
GetDlgItem
UnregisterClassA
LoadCursorA
RegisterClassExA
GetUpdateRect
BeginPaint
EndPaint
GetClientRect
SendMessageA
DefWindowProcA
InvalidateRect
UpdateWindow
GetWindowLongA
SetWindowLongA
MessageBoxA

ole32

CoInitialize
CoUninitialize
OleUninitialize
CoCreateInstance
OleInitialize

gdi32

GdiFlush
SelectObject
DeleteObject
DeleteDC
CreateCompatibleDC
BitBlt
AddFontResourceA
RemoveFontResourceA
CreateDIBSection

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56ed6084c5ecd8784553be57502cda76

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

03:01Certificate

Key Usages

ae:55:a5:f8:0e:e0Certificate

Extended Key Usages

Key Usages

7b:fb:68:a0:f8:ad:2e:dd:d2:cf:d2:7f:83:23:ce:6c:94:16:39:c9Signer

Headers

File Characteristics

Imports

comctl32

shell32

kernel32

advapi32

user32

ole32

gdi32

Sections

.text Size: 119KB - Virtual size: 119KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 7KB - Virtual size: 20KB

.rsrc Size: 5KB - Virtual size: 4KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

03:01
Certificate

ae:55:a5:f8:0e:e0
Certificate

7b:fb:68:a0:f8:ad:2e:dd:d2:cf:d2:7f:83:23:ce:6c:94:16:39:c9
Signer

.text
Size: 119KB - Virtual size: 119KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 7KB - Virtual size: 20KB

.rsrc
Size: 5KB - Virtual size: 4KB