b174730041ca175e313d6870d13b3e8e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b174730041ca175e313d6870d13b3e8e_JaffaCakes118
Size

251KB
MD5

b174730041ca175e313d6870d13b3e8e
SHA1

c93b7dddf88f4e0c66755a6bf6346aa187622cf5
SHA256

d875878f1343ab135187009d4ddba0d1a8b76271ab60464f2ea23faa8b1ba140
SHA512

d90183e3cc3c3be04a7963379968f3f4f286726e6097ee957ea6281729d713ea7c13eb96c7f9484c5c7e1b5612e87d8409bba64e89cc85fe6da9b3b3368b4b9e
SSDEEP

6144:Or5756eRGUkH0oFK0KNw9e+RR8OPCpIPg/yXFSK7q1VU:ks8O/xe+3IhE

Score

1^/10

Malware Config

Signatures

Files

b174730041ca175e313d6870d13b3e8e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

08af1753f8631cfdc211f23d1745f5b9

Code Sign

07:76:c2:e6:a8:ed:64:52:b8:66:ba:ee:b8:ae:ff:bc
Certificate

Issuer

CN=ojliulxynrik4qnyu49w8t7s4sutqv74hv87isn7y7mvmjx59hyxnn5htjsly8tomr6ixnpytrtlyrithq8nwwssm6zoyk7kqtw7x4wlrzzyikshj879wlqslmps76qv79im57rul96stytyu797lozyv7n4mu9hhokqos4hquiryts6u7zyxjr8s7z6hrnz7k8ny8p6w9v6zvp7o46t7u765tj7irukxtzohxsnop65h6yn4xl9inpovp7utpzynyhsvyjwz4uyrh6o88zpy4uism4i7yt4xmpmn87mm5otnrytxpyr6p99novmm7i8w7svlhlq7njzkp6qy5pr79z9uhon79ow58mj9r6v5k9tlzutyxmlxux84ijiw65s8wz7ynvm94lp6txpnp7hpwl4sqn8xn68tzmtywuzm5iqji4u54l7vwpu7pl4vvoy7lhj5mzxpllol6iz59ijqy7lpqu9riwqslyqpxzshiln49rusqvxl4ny6pjuuziyso6u6nyy6789ipqxhwih5wunvq484rtnhproqkw9qrtytxi5vw7lvyq7r7xjqxq6mpp7rm888z8liqpzjywxiplznt8x856nhz4m5k8l7iwzjzznvnhuqwh95ljwtj5nnkht5rrqsj9mn4pjzk8r8qt45lvwupzw4suxkn8nzwy94q9lqrrqxnhq59k56pxnl89i4yxv45u7kijokrxk4xuhoqx5ytsiiijxmuqitkrspm6rt4i6h54hytk64ku88v56rrvvzosw4i9s8rjnrx9xmxzxko95mvnyxxs7oo75ks7r5urvu9kokt4sn5vzlqwxvq475rkjwkymqv6wnp6pu94ihnzxivp4ow8t5m4i6xk84qry6hslrnq5xjtw9j8yq9kw4utz5nwwk6mxik6n45qu8sxz8klsyhimjtl46ilqqsu5hwwhpszw7otj6j7zwhlnit6p55uoqy5lniii7lt9iqk5v4jz59u45n4i7niv9tykx995jqhjqlmj7lhis576uzlmyyzp598xwuh7twy7jhjkqv9ijjwukkxtmro6uxrm65q7t4j7h95kxvrrym49vh6l8phqwlm7uv8sth8ll9hrkjiturhnwmujxl8kuwvnmqmmz 6lnmuhmlmyjs 6lnmuhmlmyjs

Not Before

04/12/2012, 16:51

Not After

31/12/2039, 23:59

Subject

CN=ojliulxynrik4qnyu49w8t7s4sutqv74hv87isn7y7mvmjx59hyxnn5htjsly8tomr6ixnpytrtlyrithq8nwwssm6zoyk7kqtw7x4wlrzzyikshj879wlqslmps76qv79im57rul96stytyu797lozyv7n4mu9hhokqos4hquiryts6u7zyxjr8s7z6hrnz7k8ny8p6w9v6zvp7o46t7u765tj7irukxtzohxsnop65h6yn4xl9inpovp7utpzynyhsvyjwz4uyrh6o88zpy4uism4i7yt4xmpmn87mm5otnrytxpyr6p99novmm7i8w7svlhlq7njzkp6qy5pr79z9uhon79ow58mj9r6v5k9tlzutyxmlxux84ijiw65s8wz7ynvm94lp6txpnp7hpwl4sqn8xn68tzmtywuzm5iqji4u54l7vwpu7pl4vvoy7lhj5mzxpllol6iz59ijqy7lpqu9riwqslyqpxzshiln49rusqvxl4ny6pjuuziyso6u6nyy6789ipqxhwih5wunvq484rtnhproqkw9qrtytxi5vw7lvyq7r7xjqxq6mpp7rm888z8liqpzjywxiplznt8x856nhz4m5k8l7iwzjzznvnhuqwh95ljwtj5nnkht5rrqsj9mn4pjzk8r8qt45lvwupzw4suxkn8nzwy94q9lqrrqxnhq59k56pxnl89i4yxv45u7kijokrxk4xuhoqx5ytsiiijxmuqitkrspm6rt4i6h54hytk64ku88v56rrvvzosw4i9s8rjnrx9xmxzxko95mvnyxxs7oo75ks7r5urvu9kokt4sn5vzlqwxvq475rkjwkymqv6wnp6pu94ihnzxivp4ow8t5m4i6xk84qry6hslrnq5xjtw9j8yq9kw4utz5nwwk6mxik6n45qu8sxz8klsyhimjtl46ilqqsu5hwwhpszw7otj6j7zwhlnit6p55uoqy5lniii7lt9iqk5v4jz59u45n4i7niv9tykx995jqhjqlmj7lhis576uzlmyyzp598xwuh7twy7jhjkqv9ijjwukkxtmro6uxrm65q7t4j7h95kxvrrym49vh6l8phqwlm7uv8sth8ll9hrkjiturhnwmujxl8kuwvnmqmmz 6lnmuhmlmyjs 6lnmuhmlmyjs

Extended Key Usages

ExtKeyUsageCodeSigning

1a:b1:63:fd:df:1f:fd:be:fa:4b:b0:86:0f:2e:8c:9c:d2:b4:13:d8
Signer

Actual PE Digest

1a:b1:63:fd:df:1f:fd:be:fa:4b:b0:86:0f:2e:8c:9c:d2:b4:13:d8

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCurrentProcessId
GetCurrentThreadId
GetStartupInfoA
GetSystemTimeAsFileTime
MultiByteToWideChar
GetSystemDirectoryA
SetFilePointer
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WideCharToMultiByte
lstrlenW
lstrcatA
CreateFileA
SetErrorMode
VirtualAllocEx

user32

DestroyIcon
DestroyWindow
DispatchMessageA
DispatchMessageW
GetDC
GetDlgItem
GetMessageA
GetMessageW
GetWindowRect
GetWindowTextA
DefWindowProcW
KillTimer
LoadBitmapA
LoadCursorA
LoadCursorW
LoadIconA
LoadImageA
LoadStringA
LoadStringW
PostQuitMessage
RegisterClassA
RegisterClassExW
ReleaseDC
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetForegroundWindow
SetTimer
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UnregisterClassA
wsprintfA
wsprintfW
DefWindowProcA
CreateWindowExW
CreateDialogParamA
IsDialogMessageA

comdlg32

ChooseFontW

advapi32

RegOpenKeyW

msvcrt

memcpy

Sections

.text
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tex
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

08af1753f8631cfdc211f23d1745f5b9

Code Sign

07:76:c2:e6:a8:ed:64:52:b8:66:ba:ee:b8:ae:ff:bcCertificate

Extended Key Usages

1a:b1:63:fd:df:1f:fd:be:fa:4b:b0:86:0f:2e:8c:9c:d2:b4:13:d8Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

msvcrt

Sections

.text Size: 239KB - Virtual size: 238KB

.tex Size: 1024B - Virtual size: 1000B

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 112B

07:76:c2:e6:a8:ed:64:52:b8:66:ba:ee:b8:ae:ff:bc
Certificate

1a:b1:63:fd:df:1f:fd:be:fa:4b:b0:86:0f:2e:8c:9c:d2:b4:13:d8
Signer

.text
Size: 239KB - Virtual size: 238KB

.tex
Size: 1024B - Virtual size: 1000B

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 112B