da11bec25e5b57895e4b9034abf46d0e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

da11bec25e5b57895e4b9034abf46d0e_JaffaCakes118
Size

1.4MB
MD5

da11bec25e5b57895e4b9034abf46d0e
SHA1

6fb49f09ef87cf428ac95208098890049f735233
SHA256

776db7bf2361c90ffc8ce314ebb00aa28800a2b1bcb647ebce68219f2eda2c86
SHA512

212813a68640869ca4d7df19b2429993cd6e6c14fc9e3f349a014f5beb62c0252036cdb072ddee21cb05fd5f94620480fa913f12896811efb753319ba65213d1
SSDEEP

24576:8oHc8Kxo4tKELni07lEHRTckhew2+5tvoH+bbagZ9sZ8fx/X22hjp:fbp4tRi07lEHRRhevmoH+6gZ9sZ8Z/tr

Score

1^/10

Malware Config

Signatures

Files

da11bec25e5b57895e4b9034abf46d0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b11f1b385bbf4bf53d447277d97de669

Code Sign

20:f3:27:29:2e:8a:1b:f9:ac:49:65:a1:34:9f:9c:ad
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

27/12/2017, 00:00

Not After

18/07/2018, 23:59

Subject

CN=MOLL LLC.,O=MOLL LLC.,POSTALCODE=454091,STREET=d. 166 ofis 7\, ul.Truda,L=Chelyabinsk,ST=Chelyabinskaya,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19/01/2010, 00:00

Not After

18/01/2038, 23:59

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e6:79:36:1e:f2:40:fd:f8:83:6a:d7:73:c2:2b:e6:b7:ef:c2:01:1e:41:75:3a:4d:8b:12:f7:14:4c:62:7f:c4
Signer

Actual PE Digest

e6:79:36:1e:f2:40:fd:f8:83:6a:d7:73:c2:2b:e6:b7:ef:c2:01:1e:41:75:3a:4d:8b:12:f7:14:4c:62:7f:c4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

select
setsockopt

user32

GetTopWindow
ReleaseDC
DestroyIcon
DestroyWindow
PostMessageA
IsWindowUnicode
LoadCursorA

gdi32

GetPixel
SelectObject
CreatePen

winscard

SCardForgetReaderA
SCardReleaseContext

kernel32

ReadFile
GetStringTypeW
GetStringTypeA
LCMapStringA
FlushFileBuffers
HeapReAlloc
HeapAlloc
LCMapStringW
SetStdHandle
SetFilePointer
WriteFile
GetOEMCP
GetACP
GetCPInfo
GetCurrentThreadId
CreateEventA
GetCurrentProcessId
GlobalLock
LocalUnlock
GetThreadPriority
OpenEventA
CloseHandle
VirtualFree
OpenSemaphoreW
SuspendThread
ResetEvent
VirtualAlloc
TerminateThread
GlobalUnlock
GetModuleHandleA
OpenMutexA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
DebugBreak
GetStdHandle
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapFree
RtlUnwind
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetLastError
MultiByteToWideChar

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 684KB - Virtual size: 682KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 644KB - Virtual size: 648KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b11f1b385bbf4bf53d447277d97de669

Code Sign

20:f3:27:29:2e:8a:1b:f9:ac:49:65:a1:34:9f:9c:adCertificate

Extended Key Usages

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9dCertificate

Key Usages

e6:79:36:1e:f2:40:fd:f8:83:6a:d7:73:c2:2b:e6:b7:ef:c2:01:1e:41:75:3a:4d:8b:12:f7:14:4c:62:7f:c4Signer

Headers

File Characteristics

Imports

ws2_32

user32

gdi32

winscard

kernel32

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 684KB - Virtual size: 682KB

.data Size: 644KB - Virtual size: 648KB

.rsrc Size: 80KB - Virtual size: 78KB

20:f3:27:29:2e:8a:1b:f9:ac:49:65:a1:34:9f:9c:ad
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

e6:79:36:1e:f2:40:fd:f8:83:6a:d7:73:c2:2b:e6:b7:ef:c2:01:1e:41:75:3a:4d:8b:12:f7:14:4c:62:7f:c4
Signer

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 684KB - Virtual size: 682KB

.data
Size: 644KB - Virtual size: 648KB

.rsrc
Size: 80KB - Virtual size: 78KB