d54c067b972f9ba284bd52d659911b3c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d54c067b972f9ba284bd52d659911b3c_JaffaCakes118
Size

103KB
MD5

d54c067b972f9ba284bd52d659911b3c
SHA1

c4382d290056ef87ee20aff7d9df72a6ffe2bf52
SHA256

2ea9347baabc7b980eaf00b6645d162feb0425b29f71daecf5bbccff93deb7ec
SHA512

cae7f98e93fcff32ec0a10ffa873fd7913a25db3aae71f0c1a4bdbc7405708c4b596e5057825d55ca9fe7ada9ed6e5819e7b3bd2cd3e7556c714c09560c05a13
SSDEEP

1536:zALhdsii4cIWSs9UbtnzxIuDfQ4xs78vwwix5X/O:MXsKWv9MXII8iBix5X2

Score

1^/10

Malware Config

Signatures

Files

d54c067b972f9ba284bd52d659911b3c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

35b124f8b5dae57cc135be30d6a250bc

Code Sign

42:46:9f:62:f8:41:3f:4e:bf:ce:ee:2e:dd:a8:7f:b2
Certificate

Issuer

CN=Root Agency

Not Before

01/03/2012, 19:48

Not After

31/12/2039, 23:59

Subject

CN=j2se.java.com

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5c:c5:3f:10:e7:03:9b:f5:ea:20:ea:5a:d6:fe:99:53:58:66:eb:8c
Signer

Actual PE Digest

5c:c5:3f:10:e7:03:9b:f5:ea:20:ea:5a:d6:fe:99:53:58:66:eb:8c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
ExitProcess
LocalAlloc
GetProcAddress
LoadLibraryA
CreateThread
VirtualProtect
ReadFile
CreateEventA
LockResource
LoadResource
FindResourceA
CreateFileA
HeapFree
GetProcessHeap
ResetEvent
VirtualProtectEx
VirtualAllocEx
GetCurrentProcess
VirtualFree
GetModuleHandleA
VirtualAlloc
HeapAlloc
InterlockedExchange
RtlUnwind
VirtualQuery

user32

ShowWindow
wsprintfA
CreateDialogParamA

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35b124f8b5dae57cc135be30d6a250bc

Code Sign

42:46:9f:62:f8:41:3f:4e:bf:ce:ee:2e:dd:a8:7f:b2Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

5c:c5:3f:10:e7:03:9b:f5:ea:20:ea:5a:d6:fe:99:53:58:66:eb:8cSigner

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 4KB - Virtual size: 1016B

.data Size: 4KB - Virtual size: 116B

.rsrc Size: 48KB - Virtual size: 45KB

.reloc Size: 4KB - Virtual size: 4KB

42:46:9f:62:f8:41:3f:4e:bf:ce:ee:2e:dd:a8:7f:b2
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

5c:c5:3f:10:e7:03:9b:f5:ea:20:ea:5a:d6:fe:99:53:58:66:eb:8c
Signer

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 4KB - Virtual size: 1016B

.data
Size: 4KB - Virtual size: 116B

.rsrc
Size: 48KB - Virtual size: 45KB

.reloc
Size: 4KB - Virtual size: 4KB