cea1c159efb9ce5a9dfee19b24e8affb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cea1c159efb9ce5a9dfee19b24e8affb_JaffaCakes118
Size

638KB
MD5

cea1c159efb9ce5a9dfee19b24e8affb
SHA1

ed6afd1778c2d68b6786aa485df1b8cad18faecf
SHA256

42a79037a8097c4f6d1023f90f66f086779a26c96b49972a8f1b394213c74f41
SHA512

32af6a953bab4b77e6a481509c5484801c767ab9e6d974b00e04bf8f82ff99f7c702c73e3b5b5d9b0fd0b8b7b2b111a3b9faf438f72c98ede1efd8880cd06158
SSDEEP

12288:x8gItTcdGNW7WJmt6VuHUD2nIVijiFM/k/6l+xs1URuNQ5CLuByHehATUrohab6F:x87tT0GNW7WJmt6VuHUD2nIVijiFM/ki

Score

1^/10

Malware Config

Signatures

Files

cea1c159efb9ce5a9dfee19b24e8affb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ad4d54f1d1bd6cbe834643fab826f066

Code Sign

07
Certificate

Issuer

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

03/05/2011, 07:00

Not After

03/05/2031, 07:00

Subject

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8b:dd:4e:31:93:29:5e:e9
Certificate

Issuer

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

28/12/2018, 13:32

Not After

26/02/2020, 13:29

Subject

CN=ARRONTECH SOFTWARE LIMITED,O=ARRONTECH SOFTWARE LIMITED,L=Wan Chai,ST=Hong Kong,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ae:30:c3:0a:1c:b8:6c:ee:23:dc:77:a0:7e:7d:dd:6d:b6:f7:af:0d
Signer

Actual PE Digest

ae:30:c3:0a:1c:b8:6c:ee:23:dc:77:a0:7e:7d:dd:6d:b6:f7:af:0d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr90

?terminate@@YAXXZ
_unlock
__dllonexit
_lock
__setusermatherr
_except_handler4_common
_invoke_watson
_controlfp_s
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
_adjust_fdiv
__p__commode
_decode_pointer
_configthreadlocale
_initterm_e
_initterm
__initenv
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
realloc
exit
atoi
_msize
malloc
free
_onexit
strncat
memcpy
__CxxFrameHandler3

msvcp90

?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
CloseHandle
GetProcAddress
ReadFile
SetFilePointer
IsDebuggerPresent

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad4d54f1d1bd6cbe834643fab826f066

Code Sign

07Certificate

Key Usages

8b:dd:4e:31:93:29:5e:e9Certificate

Extended Key Usages

Key Usages

ae:30:c3:0a:1c:b8:6c:ee:23:dc:77:a0:7e:7d:dd:6d:b6:f7:af:0dSigner

Headers

DLL Characteristics

File Characteristics

Imports

msvcr90

msvcp90

kernel32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 512B - Virtual size: 972B

.rsrc Size: 63KB - Virtual size: 62KB

07
Certificate

8b:dd:4e:31:93:29:5e:e9
Certificate

ae:30:c3:0a:1c:b8:6c:ee:23:dc:77:a0:7e:7d:dd:6d:b6:f7:af:0d
Signer

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 512B - Virtual size: 972B

.rsrc
Size: 63KB - Virtual size: 62KB