cef1752adaed2e11d028138b3dcd466f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cef1752adaed2e11d028138b3dcd466f_JaffaCakes118
Size

140KB
MD5

cef1752adaed2e11d028138b3dcd466f
SHA1

96a61e6a8ee341c51d268fd57d84a6b9adcd023e
SHA256

c012dfafd6004f8af868e143d539562830140198224e3409b7d2ca8402a6a583
SHA512

5f5a924124a807d8266babc03795edd40c0a1b0adc4593f2b4a079aaa5c360ae35301f2f92095993e6d4ac233b437af296e03a013e903dfb72576121d5061cc3
SSDEEP

3072:XXQWvsu60u98C4v0aqhsV/+xU1PlpFrjPnvQvE1PlpFrjPnvO9vC01r:XXnW0u5ON4sdOq01r

Score

1^/10

Malware Config

Signatures

Files

cef1752adaed2e11d028138b3dcd466f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

73c2b49d4f4c8127b52ae970b6df1824

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

e3:31:8f:62:07:39:01:0d:0f:e8:17:98:a4:b8:65:1f
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

14/06/2007, 00:00

Not After

13/06/2008, 23:59

Subject

CN=PC SuperCharger Ltd.,O=PC SuperCharger Ltd.,POSTALCODE=DM,STREET=7 King George V Street,L=Roseau,ST=Roseau,C=DM

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpAddRequestHeadersA
InternetCrackUrlA
InternetOpenA
InternetSetOptionA
InternetConnectA
HttpOpenRequestA
InternetGetCookieA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle

iphlpapi

GetAdaptersInfo

comctl32

ImageList_Create
ImageList_Draw
ImageList_DrawEx
InitCommonControlsEx
ImageList_SetBkColor
ImageList_AddMasked

kernel32

GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
GetLastError
CloseHandle
CreateFileA
ReadFile
MapViewOfFileEx
CreateFileMappingA
GetFileSize
UnmapViewOfFile
lstrcmpiA
GetStringTypeExA
WideCharToMultiByte
lstrlenA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetSystemTime
GetPrivateProfileIntA
VirtualFree
FlushFileBuffers
WriteFile
CompareStringA
VirtualAlloc
SetFilePointer
InterlockedExchange
WaitForSingleObject
SetLastError
GetTickCount
CreateThread
lstrcmpA
DeleteFileA
DeleteCriticalSection
SetEvent
CreateEventA
InitializeCriticalSection
WaitForMultipleObjects
ResetEvent
LeaveCriticalSection
EnterCriticalSection
ExitProcess
GetVolumeInformationA
GetModuleFileNameA
CreateDirectoryA
GetTempPathA
WritePrivateProfileStringA
CreateMutexA
SetErrorMode
SetUnhandledExceptionFilter
LoadLibraryA
GetProcessHeap
GetModuleHandleA
TerminateThread
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcatA
lstrcpyA
VirtualQuery
RtlUnwind
Sleep

user32

GetWindowLongA
KillTimer
SetTimer
RegisterWindowMessageA
GetClientRect
DrawTextA
SetWindowLongA
SetWindowTextA
GetSysColor
CallWindowProcA
DestroyIcon
LoadIconA
DialogBoxParamA
GetDlgItem
GetWindowRect
GetWindowDC
LoadBitmapA
SetForegroundWindow
EndDialog
SetDlgItemTextA
ShowWindow
GetDlgItemTextA
GetWindowTextA
SendDlgItemMessageA
GetCursorPos
DefWindowProcA
PtInRect
LoadCursorA
SetCursor
LoadStringA
InvalidateRect
SetWindowRgn
wsprintfA
SendMessageA
wvsprintfA
CharNextA
MessageBoxA
CharLowerA

gdi32

SetBkMode
CreateFontIndirectA
SelectObject
SetTextColor
CreateRectRgn
CombineRgn
GetDIBits
DeleteObject

advapi32

RegQueryValueExA
RegDeleteValueA
RegOpenKeyExA
RegCloseKey
RegSetValueExA

shell32

SHGetSpecialFolderPathA
ShellExecuteExA
Shell_NotifyIconA
SHGetFolderPathA
ShellExecuteA

shlwapi

PathCombineA
StrToIntA
PathAppendA
PathRemoveFileSpecA

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73c2b49d4f4c8127b52ae970b6df1824

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

e3:31:8f:62:07:39:01:0d:0f:e8:17:98:a4:b8:65:1fCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

wininet

iphlpapi

comctl32

kernel32

user32

gdi32

advapi32

shell32

shlwapi

Sections

.text Size: 38KB - Virtual size: 38KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 89KB - Virtual size: 89KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

e3:31:8f:62:07:39:01:0d:0f:e8:17:98:a4:b8:65:1f
Certificate

.text
Size: 38KB - Virtual size: 38KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 89KB - Virtual size: 89KB