ade6ee1b29f5f8b61f471607cfd6060d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ade6ee1b29f5f8b61f471607cfd6060d_JaffaCakes118
Size

70KB
MD5

ade6ee1b29f5f8b61f471607cfd6060d
SHA1

6a1aad3d04d222601095988670068c6d85d4f7ed
SHA256

cb9f266ff01b4a6b44c8ef4ce627b295002f52acabe151771672a07970c0ab12
SHA512

24d6e30d42a4df0b7ee04315bb71a7129ba0cc0ccd6ce20a5a122653c73bc71cf01434a22b7f44d6b25ee5ab2a1f53279bc4d035a0668ee1bf6baa3cef496c9e
SSDEEP

1536:nzKeWw+6RezbWI9DOQuk1RGolS3OWJHgnWvWPuSFs7blosJjobsgZU:n+eW96cnWIQQuC7+HSWOdFs7EBU

Score

1^/10

Malware Config

Signatures

Files

ade6ee1b29f5f8b61f471607cfd6060d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3dfef0c966fff41a83ff2f0f272ef2c1

Code Sign

08:2f:fa
Certificate

Issuer

CN=Thawte Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c177365727665722d6365727473407468617774652e636f6d

Not Before

14/08/2001, 10:49

Not After

14/08/2002, 10:49

Subject

CN=C2 Media Ltd.,OU=Secure Application Development,O=C2 Media Ltd.,L=Borehamwood,ST=Hertfordshire,C=UK

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

01
Certificate

Issuer

CN=Thawte Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c177365727665722d6365727473407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c177365727665722d6365727473407468617774652e636f6d

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetProcessHeap
ReadFile
LocalFree
LocalAlloc
ReleaseMutex
GetExitCodeProcess
WaitForSingleObject
ResumeThread
CreateProcessA
CreateMutexA
ExitProcess
OpenMutexA
CopyFileA
Sleep
GetTickCount
DeleteFileA
GetCommandLineA
HeapAlloc
CloseHandle
WriteFile
CreateFileA
GetTempFileNameA
GetTempPathA
VirtualAlloc
SetFilePointer

user32

FindWindowA
SendMessageA

msvcrt

strstr
time
strcmp
strlen
srand
rand

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dfef0c966fff41a83ff2f0f272ef2c1

Code Sign

08:2f:faCertificate

Extended Key Usages

01Certificate

Signer

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 16B

08:2f:fa
Certificate

01
Certificate

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 16B