d55d57177cd46df8a2e9cd90437fb4a7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d55d57177cd46df8a2e9cd90437fb4a7_JaffaCakes118
Size

906KB
MD5

d55d57177cd46df8a2e9cd90437fb4a7
SHA1

72c9069bf83e9f91da8fb7a1ecf779a6ae277e7a
SHA256

90e8b5250a059df818108513a2ed2af48fdb9de467f1bd5498e6ddcfcac2d00f
SHA512

6cc721710af0c8444f33656826f6a6ea83da32938487d3555cf88659a985975d97ec8bca50e59a94c492ea2b1f9bfa450d3322fee416d646c5b899ea8a548956
SSDEEP

24576:EJBVXbLQjOmmet5dPyISEKX0IFaS7IyIdCe:YX7Ew0jSHIMe

Score

1^/10

Malware Config

Signatures

Files

d55d57177cd46df8a2e9cd90437fb4a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf11fdb4c407e52e8f5f015e6198a880

Code Sign

13:89:b4:d1:8a:e8:a7:c4:bd:35:c7:9b:8d:88:ca:1f:ca:53:56:91
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 07:00

Not After

31/12/1999, 07:00

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

bd:11:9a:da:43:ed:21:fb:46:58:84:89:ca:46:88:90:25:ee:14:60
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 07:00

Not After

31/12/1999, 07:00

Subject

OU=VeriSign Time Stamping Service+OU=VeriSign Trust Network+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign\, Inc.,L=Internet

44:98:87:bd:28:61:7c:13:23:9a:bf:61:1c:52:27:0a
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

01/12/1998, 00:00

Not After

24/11/1999, 23:59

Subject

CN=XARA LIMITED,OU=VeriSign Commercial Software Publishers CA+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98+OU=Digital ID Class 3 - Microsoft Software Validation v2,O=VeriSign\, Inc.,L=Internet+L=Hemel Hempstead,ST=Bedfordshire,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
SHGetSpecialFolderLocation

user32

MessageBoxA
LoadStringA
wsprintfA
SendMessageA
EndDialog
SetWindowTextA
GetWindowTextA
GetDlgItem
SetWindowPos
DialogBoxParamA
GetWindowRect
DestroyWindow
DispatchMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
CreateDialogParamA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

kernel32

CloseHandle
GetLastError
lstrcpyA
GetSystemDirectoryA
lstrcatA
lstrcmpiA
lstrlenA
GetModuleHandleA
CreateDirectoryA
WriteFile
CreateFileA
LockResource
LoadResource
SizeofResource
FindResourceA
GetTempPathA
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryA
CopyFileA
DeleteFileA
RemoveDirectoryA
ExitProcess
GetStartupInfoA
GetCommandLineA
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
ReadFile
SetFilePointer
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
ResumeThread
CreateThread
TlsSetValue
ExitThread
GetVersion
HeapFree
GetCurrentThreadId
TlsAlloc
SetLastError
TlsGetValue
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
FlushFileBuffers
SetStdHandle

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 835KB - Virtual size: 835KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf11fdb4c407e52e8f5f015e6198a880

Code Sign

13:89:b4:d1:8a:e8:a7:c4:bd:35:c7:9b:8d:88:ca:1f:ca:53:56:91Certificate

bd:11:9a:da:43:ed:21:fb:46:58:84:89:ca:46:88:90:25:ee:14:60Certificate

44:98:87:bd:28:61:7c:13:23:9a:bf:61:1c:52:27:0aCertificate

Key Usages

Signer

Headers

File Characteristics

Imports

shell32

user32

advapi32

ole32

kernel32

Sections

.text Size: 41KB - Virtual size: 41KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 21KB - Virtual size: 35KB

.rsrc Size: 835KB - Virtual size: 835KB

13:89:b4:d1:8a:e8:a7:c4:bd:35:c7:9b:8d:88:ca:1f:ca:53:56:91
Certificate

bd:11:9a:da:43:ed:21:fb:46:58:84:89:ca:46:88:90:25:ee:14:60
Certificate

44:98:87:bd:28:61:7c:13:23:9a:bf:61:1c:52:27:0a
Certificate

.text
Size: 41KB - Virtual size: 41KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 21KB - Virtual size: 35KB

.rsrc
Size: 835KB - Virtual size: 835KB