dbbca3cf0ae643f74365d3a221b91dc4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dbbca3cf0ae643f74365d3a221b91dc4_JaffaCakes118
Size

1.0MB
MD5

dbbca3cf0ae643f74365d3a221b91dc4
SHA1

14db67ff9bf0016ba7cb27770a6286d9a49586bb
SHA256

24068a3603b3cee25735eaa3a2f738c86e20a8d0573148ff08048916a7197d0d
SHA512

b704cde5b9cf7301b70ae6dec8ec78fd62be7b3b8a3cae478428b439e9506168741b6e2e0ea8e5e7d7c15a199d5133c8e3fa0945a8b9ca0b85f6a825849542b8
SSDEEP

24576:euatK3qS9dTc7k+npjf/fT8Vz7eqeGeN3v9DpbPX/n3Xd9LQQ0/qHkb:QS9hGk+pD3TkzC9GCD5Xf3XLZW

Score

1^/10

Malware Config

Signatures

Files

dbbca3cf0ae643f74365d3a221b91dc4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2627a144954d261d757f031f285f7c9c

Code Sign

13:89:b4:d1:8a:e8:a7:c4:bd:35:c7:9b:8d:88:ca:1f:ca:53:56:91
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 07:00

Not After

31/12/1999, 07:00

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

bd:11:9a:da:43:ed:21:fb:46:58:84:89:ca:46:88:90:25:ee:14:60
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 07:00

Not After

31/12/1999, 07:00

Subject

OU=VeriSign Time Stamping Service+OU=VeriSign Trust Network+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign\, Inc.,L=Internet

10:47:36:cd:35:24:07:d2:1a:09:3a:95:1f:ac:c1:8c
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

10/05/1997, 00:00

Not After

10/05/1998, 23:59

Subject

CN=Microsoft Corporation,OU=VeriSign Commercial Software Publishers CA+OU=www.verisign.com/repository/CPS Incorp. by Ref.\,LIAB.LTD(c)96+OU=Digital ID Class 3 - Microsoft Software Validation,O=VeriSign\, Inc.,L=Internet+L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegDeleteValueA
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
FreeSid
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyA
RegQueryInfoKeyA

kernel32

lstrcatA
GetFileAttributesA
lstrlenA
lstrcmpiA
GetCurrentProcess
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcpyA
GetModuleFileNameA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
_lclose
_llseek
_lopen
GetWindowsDirectoryA
CreateDirectoryA
InterlockedDecrement
LocalAlloc
GetLastError
InterlockedIncrement
SetCurrentDirectoryA
CreateEventA
ResetEvent
CreateThread
GetVersionExA
FormatMessageA
FreeLibrary
GetProcAddress
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeResource
LockResource
LoadResource
FindResourceA
SizeofResource
CreateFileA
ReadFile
WriteFile
SetFilePointer
SetFileTime
SetEvent
TerminateThread
GlobalAlloc
GlobalFree
GetTempFileNameA
GetDriveTypeA
GetTempPathA
lstrcpynA
CloseHandle
GetDiskFreeSpaceA
GetCurrentDirectoryA
LoadLibraryExA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
LocalFree
TerminateProcess
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetFileType
GetStdHandle
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapCreate
GetStringTypeA
GetStringTypeW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
LCMapStringA
LCMapStringW
HeapFree
HeapAlloc
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
FlushFileBuffers
GetVolumeInformationA
LocalFileTimeToFileTime
DosDateTimeToFileTime
ExitProcess

gdi32

GetDeviceCaps

user32

EnableWindow
LoadStringA
GetDesktopWindow
wsprintfA
ExitWindowsEx
CharPrevA
DialogBoxParamA
SetWindowLongA
GetWindowLongA
CallWindowProcA
GetDlgItem
SetForegroundWindow
SetWindowTextA
SendDlgItemMessageA
GetDlgItemTextA
SetDlgItemTextA
SendMessageA
PeekMessageA
DispatchMessageA
MsgWaitForMultipleObjects
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
MessageBoxA
ShowWindow
CharNextA
MessageBeep
EndDialog

comctl32

ord17

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SharedD
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 874KB - Virtual size: 876KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2627a144954d261d757f031f285f7c9c

Code Sign

13:89:b4:d1:8a:e8:a7:c4:bd:35:c7:9b:8d:88:ca:1f:ca:53:56:91Certificate

bd:11:9a:da:43:ed:21:fb:46:58:84:89:ca:46:88:90:25:ee:14:60Certificate

10:47:36:cd:35:24:07:d2:1a:09:3a:95:1f:ac:c1:8cCertificate

Key Usages

Signer

Headers

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

comctl32

Sections

.text Size: 59KB - Virtual size: 58KB

.data Size: 8KB - Virtual size: 35KB

.SharedD Size: 512B - Virtual size: 4B

.rsrc Size: 874KB - Virtual size: 876KB

.reloc Size: 6KB - Virtual size: 5KB

13:89:b4:d1:8a:e8:a7:c4:bd:35:c7:9b:8d:88:ca:1f:ca:53:56:91
Certificate

bd:11:9a:da:43:ed:21:fb:46:58:84:89:ca:46:88:90:25:ee:14:60
Certificate

10:47:36:cd:35:24:07:d2:1a:09:3a:95:1f:ac:c1:8c
Certificate

.text
Size: 59KB - Virtual size: 58KB

.data
Size: 8KB - Virtual size: 35KB

.SharedD
Size: 512B - Virtual size: 4B

.rsrc
Size: 874KB - Virtual size: 876KB

.reloc
Size: 6KB - Virtual size: 5KB