d3879a204ce8cd55ddac94cf4083f391_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d3879a204ce8cd55ddac94cf4083f391_JaffaCakes118
Size

617KB
MD5

d3879a204ce8cd55ddac94cf4083f391
SHA1

1fc2fe76d1e4cb2d5f2dd7db34417e7bbe8a0cc8
SHA256

142d1dd3cf775f0b95800ed5c03dd2072c841049b79e19b4cf2333dd16f13d57
SHA512

07661e095d989c297f5c4b806c8cff9e7259ddcc8a1c17c9a9fea2a4521db3018e08d0d607281b1a796da20f6975b37df0f50958cee3df97e6c662c88c907267
SSDEEP

12288:VFQHFn148ntq1mGUlIQ/XgcQTIdPLzYZTvfKJ7:buwsO0dzzYVvfG

Score

1^/10

Malware Config

Signatures

Files

d3879a204ce8cd55ddac94cf4083f391_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e607f320ee61e478d645418bb5d6bda6

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

34:87:17:2e:a4:01:a0:9f:76:2e:fb:31:f4:44:ea:d0
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

07/07/2015, 00:00

Not After

06/07/2016, 23:59

Subject

CN=USPEH,O=USPEH,POSTALCODE=644050,STREET=ul. Pereulok Jenergetikov\, 22\, 1,L=Omsk,ST=Omsk Region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

74:67:1b:c2:0c:51:1a:bb:43:73:d0:7b:bf:38:9e:92:7f:42:a6:a9
Signer

Actual PE Digest

74:67:1b:c2:0c:51:1a:bb:43:73:d0:7b:bf:38:9e:92:7f:42:a6:a9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
RemoveDirectoryA
LoadLibraryA
GetModuleHandleA
VirtualAlloc
GetTempPathW
GetLastError
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetFileSize
VirtualProtect
DeleteFileW
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemInfo

user32

GetDesktopWindow
LoadIconW
DestroyWindow
IsWindowVisible
LoadCursorA
LoadImageW
LoadImageA
SendMessageA

gdi32

CreateBitmap
GetPixel

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 552KB - Virtual size: 555KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e607f320ee61e478d645418bb5d6bda6

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22Certificate

Key Usages

01Certificate

Key Usages

34:87:17:2e:a4:01:a0:9f:76:2e:fb:31:f4:44:ea:d0Certificate

Extended Key Usages

Key Usages

74:67:1b:c2:0c:51:1a:bb:43:73:d0:7b:bf:38:9e:92:7f:42:a6:a9Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 552KB - Virtual size: 555KB

.rsrc Size: 20KB - Virtual size: 17KB

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

01
Certificate

34:87:17:2e:a4:01:a0:9f:76:2e:fb:31:f4:44:ea:d0
Certificate

74:67:1b:c2:0c:51:1a:bb:43:73:d0:7b:bf:38:9e:92:7f:42:a6:a9
Signer

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 552KB - Virtual size: 555KB

.rsrc
Size: 20KB - Virtual size: 17KB