c90cbab6263bf50b538831e0e1140901_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c90cbab6263bf50b538831e0e1140901_JaffaCakes118
Size

1.3MB
MD5

c90cbab6263bf50b538831e0e1140901
SHA1

4d717b6bd60eb33bf5ebe873592067cc4c92b298
SHA256

d291933c7bcbf2901093ec9684fb1374a04a75055fc1d8a1506745795ecb57fe
SHA512

e7fd5a97663bb5379e531e129bebd5a0641048dbcc53adcc6415446da90ec9ac55e86745cf62a37adfdc26d675ab6584ea90e068fd23a43e01c0ab0fd2c49e7c
SSDEEP

24576:cINwoyMMVjGGGaBtHPkX9elxrHVKYsXNoAnJ4fnzSZmiZKGpvEXT+WRqpcgIb5IN:Goy3j2aaX9Gp6o+J4fnzSZfZK+ve6peG

Score

1^/10

Malware Config

Signatures

Files

c90cbab6263bf50b538831e0e1140901_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e1c200c95632cfd9d873bf3d4a6fecc

Code Sign

64:08:1b:4f:b5:50:89:7b:bc:70:67:69:04:a3:31:32
Certificate

Issuer

CN=www.AnoMail.pl,O=P. Rusiecki,C=PL,1.2.840.113549.1.9.1=#0c126461726d6f777940616e6f6d61696c2e706c

Not Before

14/08/2010, 22:00

Not After

14/08/2015, 22:00

Subject

CN=www.AnoMail.pl,O=P. Rusiecki,C=PL,1.2.840.113549.1.9.1=#0c126461726d6f777940616e6f6d61696c2e706c

04:7a:55
Certificate

Issuer

CN=Certum CA,O=Unizeto Sp. z o.o.,C=PL

Not Before

03/03/2009, 12:58

Not After

03/03/2024, 12:58

Subject

CN=Certum Time-Stamping Authority,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

7f:08:55:cf:06:63:80:4e:d8:6d:5a:0c:35:ea:27:f0:4b:4a:fc:37
Signer

Actual PE Digest

7f:08:55:cf:06:63:80:4e:d8:6d:5a:0c:35:ea:27:f0:4b:4a:fc:37

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
ExitProcess
RtlUnwind
LoadLibraryA
GetCurrentProcess

user32

CloseWindow
wsprintfA
CharLowerBuffA
CreateWindowExA

advapi32

RegEnumKeyA
RegDeleteKeyA
RegCreateKeyA
RegDeleteValueA

ole32

CoRegisterClassObject
OleRun
CoInitialize
CoUninitialize

Sections

Size: - Virtual size: 4.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��c
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 68KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6e1c200c95632cfd9d873bf3d4a6fecc

Code Sign

64:08:1b:4f:b5:50:89:7b:bc:70:67:69:04:a3:31:32Certificate

04:7a:55Certificate

Extended Key Usages

7f:08:55:cf:06:63:80:4e:d8:6d:5a:0c:35:ea:27:f0:4b:4a:fc:37Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

Size: - Virtual size: 4.7MB

Size: 1.2MB - Virtual size: 1.2MB

����c Size: 7KB - Virtual size: 8KB

. Size: 68KB - Virtual size: 114KB

64:08:1b:4f:b5:50:89:7b:bc:70:67:69:04:a3:31:32
Certificate

04:7a:55
Certificate

7f:08:55:cf:06:63:80:4e:d8:6d:5a:0c:35:ea:27:f0:4b:4a:fc:37
Signer

��c
Size: 7KB - Virtual size: 8KB

.
Size: 68KB - Virtual size: 114KB