d52154a047eea86b1b3cce965fbb1c22_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d52154a047eea86b1b3cce965fbb1c22_JaffaCakes118
Size

1.4MB
MD5

d52154a047eea86b1b3cce965fbb1c22
SHA1

4bf6870e4585cc56190f48b57808998714bbfa48
SHA256

2f0d705089e361ec8ae2156350935c7c8a0fed0229068c993099c852ae4eb9b2
SHA512

306e72c0b3c8ef059a8eca9caf7924404eb231f1862732a310265644350ea7cd4894d5e24a56e51c4af9565fc1a5c22aff279c536f02ecb7f32b7d69e6649e74
SSDEEP

24576:AzW+WbC8j3EPk2OdzY8/RjRL8hDL+Rmw9YEb9/XksOPbw8SWnwezTzS+Wr1t/Kez:GzWu8hZRLbRmwLUns+Yt/KeC5UmRCR

Score

1^/10

Malware Config

Signatures

Files

d52154a047eea86b1b3cce965fbb1c22_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8db1c0c982d36429eaefc0e2789a55a4

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6c:7f:a9:44:73:ce:8e:e3:a3:d2:fb:3a:6f:0c:01:a7
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

07/09/2006, 00:00

Not After

13/09/2007, 23:59

Subject

CN=Bit Wise Publishing\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=ScenicReflections.com,O=Bit Wise Publishing\, LLC,L=Gainesville,ST=Georgia,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\dev\bNetworks\Projects\Sources\JoinerEx\Source\Starter\Release\Starter.pdb

Imports

kernel32

CreateFileA
LockResource
SizeofResource
LoadResource
FindResourceA
GetTempPathA
GetModuleHandleA
WaitForMultipleObjects
WaitForSingleObject
CreateProcessA
ExitProcess
LoadLibraryA
MultiByteToWideChar
SetStdHandle
GetSystemInfo
VirtualProtect
IsBadCodePtr
SetUnhandledExceptionFilter
SetFilePointer
GetStringTypeW
GetSystemDirectoryA
LCMapStringW
LCMapStringA
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapSize
GetCurrentProcess
TerminateProcess
GetProcAddress
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
VirtualQuery
GetModuleFileNameA
CreateDirectoryA
WriteFile
CloseHandle
InterlockedExchange
DeleteCriticalSection
InitializeCriticalSection
GetVersionExA
GetLocaleInfoA
GetACP
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
HeapFree
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapAlloc
GetOEMCP
GetCPInfo
FlushFileBuffers

user32

IsDlgButtonChecked
MessageBoxA
GetDlgItemTextA
DialogBoxParamA
GetWindowRect
InvalidateRect
GetWindowTextA
GetClientRect
BeginPaint
IsWindowEnabled
GetSysColor
DrawTextA
SetWindowPos
EndPaint
GetWindowLongA
SetWindowLongA
CallWindowProcA
GetDlgCtrlID
GetParent
LoadCursorA
SetCursor
GetSystemMetrics
LoadImageA
SendMessageA
SetWindowTextA
SendDlgItemMessageA
GetDlgItem
ShowWindow
CheckDlgButton
SetDlgItemTextA
EndDialog

gdi32

GetObjectA
CreateFontIndirectA
SelectObject
SetTextColor
DeleteObject
GetStockObject
SetBkMode

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey

shell32

SHGetSpecialFolderPathA
ShellExecuteA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8db1c0c982d36429eaefc0e2789a55a4

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

6c:7f:a9:44:73:ce:8e:e3:a3:d2:fb:3a:6f:0c:01:a7Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

6c:7f:a9:44:73:ce:8e:e3:a3:d2:fb:3a:6f:0c:01:a7
Certificate

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB