c84da780560f8f01b95c65f9aa1517ae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c84da780560f8f01b95c65f9aa1517ae_JaffaCakes118
Size

478KB
MD5

c84da780560f8f01b95c65f9aa1517ae
SHA1

ce53f19ccd9e96020827025ebaa2043099cb4372
SHA256

0f10436ccad4b28fb216225789bf9b08879d75ed40c1bc8fd9b5b3730e838ba1
SHA512

03fde0820ca4026e5886f3bc6feb6888ce93a4cb1cb3bf9cd53233d562d0ea0dca417f03e151341b904b6086dab526b5bdcf112a5d699ed99e37c7408a9cbc38
SSDEEP

6144:61erQkkJBfD0VK8/1f3T2rWt+omI+fKff6+gv9syLAOFnCO5JMQvV:663VKyT2O+1IzfiPOOFn15xN

Score

1^/10

Malware Config

Signatures

Files

c84da780560f8f01b95c65f9aa1517ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31d315fa13dd38f58efd969aeb704cc7

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

02:3c:6c:0d:b4:13:c6:cc:79:ca:b3:bc:e8:18:c2:62
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

18/12/2009, 00:00

Not After

18/12/2010, 23:59

Subject

CN=HandoComputer Co.\, Ltd.,OU=Dev Team,O=HandoComputer Co.\, Ltd.,L=Seocho-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0f:4d:61:7c:80:f0:40:1c:c2:b2:e8:60:52:5e:ea:f6:09:e1:14:47
Signer

Actual PE Digest

0f:4d:61:7c:80:f0:40:1c:c2:b2:e8:60:52:5e:ea:f6:09:e1:14:47

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
LCMapStringA
GetStringTypeA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
HeapFree
VirtualFree
HeapCreate
RemoveDirectoryA
HeapDestroy
Sleep
DeleteFileA
GetStringTypeW
CreateDirectoryA
CreateFileA
WriteFile
UnhandledExceptionFilter
CloseHandle
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetEnvironmentStrings
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType

user32

SetWindowTextA
wsprintfA
PostQuitMessage
SetFocus
BeginPaint
EndPaint
DefWindowProcA
DestroyWindow
GetWindowTextA
CreateWindowExA
ShowWindow
UpdateWindow
LoadCursorA
RegisterClassA
GetMessageA
DispatchMessageA
TranslateMessage

gdi32

CreateSolidBrush

advapi32

RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 448KB - Virtual size: 447KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31d315fa13dd38f58efd969aeb704cc7

Code Sign

01Certificate

02:3c:6c:0d:b4:13:c6:cc:79:ca:b3:bc:e8:18:c2:62Certificate

Extended Key Usages

0aCertificate

Extended Key Usages

Key Usages

0f:4d:61:7c:80:f0:40:1c:c2:b2:e8:60:52:5e:ea:f6:09:e1:14:47Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 16KB - Virtual size: 12KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 448KB - Virtual size: 447KB

.rsrc Size: 4KB - Virtual size: 16B

01
Certificate

02:3c:6c:0d:b4:13:c6:cc:79:ca:b3:bc:e8:18:c2:62
Certificate

0a
Certificate

0f:4d:61:7c:80:f0:40:1c:c2:b2:e8:60:52:5e:ea:f6:09:e1:14:47
Signer

.text
Size: 16KB - Virtual size: 12KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 448KB - Virtual size: 447KB

.rsrc
Size: 4KB - Virtual size: 16B