db73025c0dc51706a45556b2256d44e8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

db73025c0dc51706a45556b2256d44e8_JaffaCakes118
Size

489KB
MD5

db73025c0dc51706a45556b2256d44e8
SHA1

d37eb22df3576b1e283f56a1ab2c57ca02d1f29f
SHA256

5fb0aaeeb3cd1ce2226cfa2ec0825f68cd890d0a755705450271c0248245338c
SHA512

939dc19af16f1097b886c821197cc857f3c8f7bfa3ee8eb063efdb5fffd3f67fa50990774c4ea860655cd22bc5d841d52af38907e6cbdd6229784b876ec73a35
SSDEEP

6144:dejU3Aj0RpNX2QbqvAnYZ2oCSfaz9lOQ3tRuDEwSMZHVWr+Plmw/SmeoFx:dqUQj0NXl+YFbbxLQ7ZHkrEm6x

Score

1^/10

Malware Config

Signatures

Files

db73025c0dc51706a45556b2256d44e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

067f898d6812693305f07f635b30de7b

Code Sign

01
Certificate

Issuer

CN=Booking HOTEL,O=Booking services corporation,C=FL

Not Before

07/01/2019, 10:54

Not After

07/01/2020, 10:54

Subject

CN=Booking HOTEL,O=Booking services corporation,C=FL

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/01/2017, 00:00

Not After

18/01/2028, 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

12:4a:b0:6c:f8:ec:1b:5d:b1:d1:c7:da:f1:cc:0b:fd:91:9c:e7:ff:18:93:96:87:b9:49:7e:14:db:ff:e3:d0
Signer

Actual PE Digest

12:4a:b0:6c:f8:ec:1b:5d:b1:d1:c7:da:f1:cc:0b:fd:91:9c:e7:ff:18:93:96:87:b9:49:7e:14:db:ff:e3:d0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord517
ord523
ord526
EVENT_SINK_AddRef
ord527
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
ord537
ord574
ord100
ord616
ord619

Sections

.text
Size: 464KB - Virtual size: 460KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

067f898d6812693305f07f635b30de7b

Code Sign

01Certificate

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41Certificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

12:4a:b0:6c:f8:ec:1b:5d:b1:d1:c7:da:f1:cc:0b:fd:91:9c:e7:ff:18:93:96:87:b9:49:7e:14:db:ff:e3:d0Signer

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 464KB - Virtual size: 460KB

.data Size: - Virtual size: 2KB

.rsrc Size: 16KB - Virtual size: 13KB

01
Certificate

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

12:4a:b0:6c:f8:ec:1b:5d:b1:d1:c7:da:f1:cc:0b:fd:91:9c:e7:ff:18:93:96:87:b9:49:7e:14:db:ff:e3:d0
Signer

.text
Size: 464KB - Virtual size: 460KB

.data
Size: - Virtual size: 2KB

.rsrc
Size: 16KB - Virtual size: 13KB