8911c1ee88c220a35ab076dda8c33c2e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8911c1ee88c220a35ab076dda8c33c2e_JaffaCakes118
Size

1.4MB
MD5

8911c1ee88c220a35ab076dda8c33c2e
SHA1

880e890bcdf9937f1aa1aac0d8541fdd54fd1b59
SHA256

bba9a4f4a849c3d07490d6e955d4ef54c79def9d59d50fa2c65888178afc80b6
SHA512

07ab8c767d4da7f5844f909656def5ed872126a7d46c62182adec7765c57196f293ee624dfbe4199f3b69cc16fad7b79ef801e7bd5b6a8c45042896ad0b1c707
SSDEEP

24576:SofM+Ptsk32hHmO6t5U4Bx0zA+6+GdsB5g7D:Vtsk32hmx+A+6+dB5g7D

Score

1^/10

Malware Config

Signatures

Files

8911c1ee88c220a35ab076dda8c33c2e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aaa2b3c1c80ace8692a791039e0618c1

Code Sign

05:b0:ff
Certificate

Issuer

OU=Equifax Secure Certificate Authority,O=Equifax,C=US

Not Before

16/02/2006, 18:01

Not After

19/02/2016, 18:01

Subject

CN=Intel External Basic Policy CA,O=Intel Corporation,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:23:13:4f:00:00:00:00:34:67
Certificate

Issuer

CN=Intel External Basic Issuing CA 3B,O=Intel Corporation,C=US

Not Before

17/02/2009, 16:45

Not After

17/02/2012, 16:45

Subject

CN=Intel(R) Software Products,O=Intel Corporation

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:2c:a5:fe:00:00:00:00:00:06
Certificate

Issuer

CN=Intel External Basic Policy CA,O=Intel Corporation,C=US

Not Before

22/03/2006, 22:22

Not After

22/03/2012, 22:32

Subject

CN=Intel External Basic Issuing CA 3B,O=Intel Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

85:e2:2b:ff:14:79:7a:bb:dc:82:47:9e:38:58:16:f1:26:90:89:8e
Signer

Actual PE Digest

85:e2:2b:ff:14:79:7a:bb:dc:82:47:9e:38:58:16:f1:26:90:89:8e

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
Sleep
SetThreadAffinityMask
GetCurrentThread
GetProcessAffinityMask
GetCurrentProcess
LocalFree
FormatMessageA
LoadLibraryA
GetThreadLocale
QueryPerformanceCounter
QueryPerformanceFrequency
TlsGetValue
TlsFree
TlsSetValue
TlsAlloc
GetLastError
GetStdHandle
AllocConsole
CloseHandle
VirtualQuery
SleepEx
GetExitCodeThread
SetEvent
TerminateThread
WaitForSingleObject
SetThreadPriority
GetCurrentThreadId
CreateThread
CreateEventA
DuplicateHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ResetEvent
GetSystemInfo
WideCharToMultiByte
FormatMessageW
FreeLibrary
SetEnvironmentVariableA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetComputerNameA
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
GetCommandLineA
GetVersionExA
HeapReAlloc
GetCurrentProcessId
SetStdHandle
GetFileType
SetConsoleCtrlHandler
SetHandleCount
GetStartupInfoA
SetFilePointer
SetLastError
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
WriteFile
FlushFileBuffers
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
RtlUnwind
HeapSize
InterlockedExchange
CreateFileA
ReadFile
MultiByteToWideChar
VirtualProtect
GetStringTypeA
GetStringTypeW
GetCPInfo
GetLocaleInfoA
GetACP
GetOEMCP
GetTickCount
CompareStringA
CompareStringW
LCMapStringA
LCMapStringW
SetEndOfFile

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PEF
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aaa2b3c1c80ace8692a791039e0618c1

Code Sign

05:b0:ffCertificate

Key Usages

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

11:23:13:4f:00:00:00:00:34:67Certificate

Extended Key Usages

Key Usages

61:2c:a5:fe:00:00:00:00:00:06Certificate

Key Usages

85:e2:2b:ff:14:79:7a:bb:dc:82:47:9e:38:58:16:f1:26:90:89:8eSigner

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 120KB - Virtual size: 119KB

.data Size: 24KB - Virtual size: 79KB

PEF Size: 88KB - Virtual size: 88KB

05:b0:ff
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

11:23:13:4f:00:00:00:00:34:67
Certificate

61:2c:a5:fe:00:00:00:00:00:06
Certificate

85:e2:2b:ff:14:79:7a:bb:dc:82:47:9e:38:58:16:f1:26:90:89:8e
Signer

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 120KB - Virtual size: 119KB

.data
Size: 24KB - Virtual size: 79KB

PEF
Size: 88KB - Virtual size: 88KB