b20182f9ba39caf2ae3e60d8515d938b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b20182f9ba39caf2ae3e60d8515d938b_JaffaCakes118
Size

271KB
MD5

b20182f9ba39caf2ae3e60d8515d938b
SHA1

8a446b825452ab6bf3334c7b73e04e9f4befb7d2
SHA256

97b54776994a7b13e97d55606f0656c45de65dc8b5a3156cfa56b35263cdbf70
SHA512

ef7869b23462fff1017c2a90c191eb0511e904e0f0dae5c6d872541cc9a1b46544bee9b0e87f0950f4dffca4d1ebd40b16d191468350a8ebca74e6be4220e20c
SSDEEP

6144:CnAx0MsqqDLuwqqDLuXqqDLuLZWwUhqqDLuaqqDLud:tx08qnu1qnu6qnuQzcqnuvqnud

Score

1^/10

Malware Config

Signatures

Files

b20182f9ba39caf2ae3e60d8515d938b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fcb9a6be470541ecbb41f69df885428c

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

63:31:05:6f:a2:a9:ee:8a:5e:94:54:b5:37:d3:61:00
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

05/09/2006, 00:00

Not After

22/11/2009, 23:59

Subject

CN=NET TRANSMIT & RECEIVE\, S.L.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Quality department,O=NET TRANSMIT & RECEIVE\, S.L.,L=Barcelona,ST=Barcelona,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

GetCurrentProcess
GetCurrentProcessId
CreateMutexA
ReleaseMutex
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
HeapSize
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RaiseException
GetOEMCP
GetTempPathA
CreateDirectoryA
GetVolumeInformationA
lstrcpynA
SetLastError
SetCurrentDirectoryA
Sleep
ReadFile
SetFilePointer
GetVersion
lstrcpyA
FindResourceA
LoadResource
SetEnvironmentVariableA
LockResource
SizeofResource
WriteFile
lstrlenW
GetModuleFileNameA
WideCharToMultiByte
DeleteCriticalSection
InitializeCriticalSection
GetCurrentDirectoryA
CreateFileA
CopyFileA
SetFileAttributesA
LoadLibraryA
GetProcAddress
GetTickCount
CreateThread
GetLastError
WaitForSingleObject
TerminateThread
EnterCriticalSection
FreeLibrary
DeleteFileA
CloseHandle
GetModuleHandleA
LeaveCriticalSection
lstrlenA
MultiByteToWideChar
FlushFileBuffers
CompareStringA
CompareStringW
GetCPInfo
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle

user32

wsprintfW
wsprintfA
GetDesktopWindow
DialogBoxParamA
GetDlgItemTextA
EndDialog
SetFocus
SetDlgItemTextA
SetWindowTextA
LoadIconA
SendMessageA
LoadBitmapA
BeginPaint
GetDlgItem
ShowWindow
EndPaint

gdi32

DeleteObject
CreateCompatibleDC
SelectObject
GetObjectA
BitBlt
DeleteDC

advapi32

OpenSCManagerA
CreateServiceA
StartServiceA
DeleteService
CloseServiceHandle
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext

shell32

ShellExecuteA

ole32

CoTaskMemFree

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fcb9a6be470541ecbb41f69df885428c

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

63:31:05:6f:a2:a9:ee:8a:5e:94:54:b5:37:d3:61:00Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 44KB - Virtual size: 49KB

.rsrc Size: 120KB - Virtual size: 119KB

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

63:31:05:6f:a2:a9:ee:8a:5e:94:54:b5:37:d3:61:00
Certificate

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 44KB - Virtual size: 49KB

.rsrc
Size: 120KB - Virtual size: 119KB