dd562145756fdcd470c30c6dea8e90f0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dd562145756fdcd470c30c6dea8e90f0_JaffaCakes118
Size

308KB
MD5

dd562145756fdcd470c30c6dea8e90f0
SHA1

fb7deb4133d8879ac53c316ce1ad0b70f0ece050
SHA256

c11598f4566717f119b6ccf9be0efc42da09a0057463ec5fed772a9533437a26
SHA512

b8a59d43f9acc175d96e222e795b11ff8ce4d1cf51497c625c34b20408fe4bfed4621608955371bc0eba613265355d3f800e3a9c05978921b2c06315d2313def
SSDEEP

6144:Jdt9wuK7K47+46NvC24o3VO7fy9JT8WCFZL4w9rG8Fza2ZScUZ:deHK47+M2zmZp9rpdZScUZ

Score

1^/10

Malware Config

Signatures

Files

dd562145756fdcd470c30c6dea8e90f0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

56b07948b651944f424c7a08c8b785db

Code Sign

22:9d:e5:30:05:bc:54:8f:47:57:37:d0:8e:c8:c9:a7
Certificate

Issuer

CN=ydCtq IAf2hhJwMuxHto9zrzpyom5 ma3oBjHMm7BozBy59rizrHDoctbal1Le7MeFMID7n9Cyyus1grng gi18AFdgLKsJ2axKujmv3rbGafAFEGDzlt6jFJpwqxe7nLzGqz9joAjElLEtvfhilBewt8EfjdHqKDHsbFLGduIKyDtkguoxGjsnl5ntHLqq8uKy8Kd8xM3meid6ipK9 lMp4wFb1bfJFJ68mkbCqlghMm2HevnxfhziKbkfdBHpg3x v9JlCdexaHzh78bDiEzsaq8hjst5wEuJCgGKh3vuB49vMaxjDD4oD1Leq7sEckaH1HLEiM9521G u3uw8ovm9KumBh4Gvxp9EMt5B9Lg31DI68jHnf9ylbFt1LI1tyKExfqahmFsAcq 1D5fEEdfpv56wIf4MpMgg5b2HsvjAlrFr2hmr3qhdI72fwd72ggIjz B IwGdF9I2 7A8jk1LvteG9 nCp2DGu8MCGdbarpsJl5zti1g9dB4IvMGzqMJh8m2svaC3Gh6zhaEG5g8nenGidEEMI8DClC8jK127fja8ArtlsGELIKdt9mr8Etop 6wfHvmDyv9au9qwG5hrdqBbdn7pdw dulHrHbhwgKEu96gkjrfno1Lu3KDLB EhmaIuBiKB9Budqm bgMeFxie3mtBKl28wEvrbwmA94ctvikvie1sx6sHtF uEIGF6tcKndjcMHH5nm8M8iagFME3x8d2zsemgFrqwIuAhkxC2BqzudwwJFBDlC6HjujlkBIcjrJiyLb36aw3akMsL I2GG6MmK81Fpr3sakcegA2ezCfE58Czn1nqlqsxb4qFvnmh4qzDsHhBI5xea9xrpwCtGLxFHyhB5sqacFdnbCBDbDu kj4Faq3wH45JyLMcpa8rF9Kc 68D8gyCw14Kd2kmtLu7ih64EshBL adeMcshjKG5dcJaztmH dE y6 7s 5uIwtnGKa51rnbkFlD7MdCI9lEi855JawFucK7n5he5EaJplvGF7KxwAJ8BlczDEJxDrqAg5sMik 949pkrFFxlHcen21jApGfc8ELkDusvj89ncBsGCqmMdKnf h1qJnazhpFlnkCMjGoroFuww6qt4ded1 wernab7rLFvCnGuFKEECI479oaMdGt46Hw2jwAHkFzLrywFJe3lLKkLb pdAy7pbD FwkmoBhADo25oMksvIl49Fk9JbrKE5kh 8 4ezwDkgh2o6GJ6pIvaawvLbt7eEhHb7Jip7yL 1wJjf3Cnb8GDcgAEaf5F99LHopBCeJsfsmAfnJxgbEtBiK wsxf3MKq77F6cnxex5ByK81ukzfKrh6rf bB5abFcaguxtKckuDat1cJEBEHG1M2mAF6aFeoM iflmeiIe92H8hi3nDIovEj9ryl5hqq r5ilqBi1eqE971qq7viw8MKy4grenM2A54whCDBpcdFG5Kun95lL9pwb6sqEkovHsCl1rf19 FghtisDrBbj5BoIGwFb62rj5qg4z3Lxdf2jxMb78FLplkGcCeL8Ee5b2akurjw hFuqMmhFMsClJ717byj1ClvcycME6JpAk2v ADs55q79Ef2jwyvgfsJhJnpvBCAh8q8ph2o2jpjl73ftbsMEfId2zLx5EDGGe 7DsvryutqdDfmrIM488pEBaah3zd diFq9htJ2hizpqEMrq9r4vbMyuBxmm9kkBpamHvpivE1DLEhaDvDm52pEEiJtcDjbJrt2828Mwb4hbn2iH5Gehxwey7uy43u1E67vmEha3MoC3rJcrlHr2pJGGkmHmk ydCtq

Not Before

16/01/2013, 04:43

Not After

31/12/2039, 23:59

Subject

CN=ydCtq IAf2hhJwMuxHto9zrzpyom5 ma3oBjHMm7BozBy59rizrHDoctbal1Le7MeFMID7n9Cyyus1grng gi18AFdgLKsJ2axKujmv3rbGafAFEGDzlt6jFJpwqxe7nLzGqz9joAjElLEtvfhilBewt8EfjdHqKDHsbFLGduIKyDtkguoxGjsnl5ntHLqq8uKy8Kd8xM3meid6ipK9 lMp4wFb1bfJFJ68mkbCqlghMm2HevnxfhziKbkfdBHpg3x v9JlCdexaHzh78bDiEzsaq8hjst5wEuJCgGKh3vuB49vMaxjDD4oD1Leq7sEckaH1HLEiM9521G u3uw8ovm9KumBh4Gvxp9EMt5B9Lg31DI68jHnf9ylbFt1LI1tyKExfqahmFsAcq 1D5fEEdfpv56wIf4MpMgg5b2HsvjAlrFr2hmr3qhdI72fwd72ggIjz B IwGdF9I2 7A8jk1LvteG9 nCp2DGu8MCGdbarpsJl5zti1g9dB4IvMGzqMJh8m2svaC3Gh6zhaEG5g8nenGidEEMI8DClC8jK127fja8ArtlsGELIKdt9mr8Etop 6wfHvmDyv9au9qwG5hrdqBbdn7pdw dulHrHbhwgKEu96gkjrfno1Lu3KDLB EhmaIuBiKB9Budqm bgMeFxie3mtBKl28wEvrbwmA94ctvikvie1sx6sHtF uEIGF6tcKndjcMHH5nm8M8iagFME3x8d2zsemgFrqwIuAhkxC2BqzudwwJFBDlC6HjujlkBIcjrJiyLb36aw3akMsL I2GG6MmK81Fpr3sakcegA2ezCfE58Czn1nqlqsxb4qFvnmh4qzDsHhBI5xea9xrpwCtGLxFHyhB5sqacFdnbCBDbDu kj4Faq3wH45JyLMcpa8rF9Kc 68D8gyCw14Kd2kmtLu7ih64EshBL adeMcshjKG5dcJaztmH dE y6 7s 5uIwtnGKa51rnbkFlD7MdCI9lEi855JawFucK7n5he5EaJplvGF7KxwAJ8BlczDEJxDrqAg5sMik 949pkrFFxlHcen21jApGfc8ELkDusvj89ncBsGCqmMdKnf h1qJnazhpFlnkCMjGoroFuww6qt4ded1 wernab7rLFvCnGuFKEECI479oaMdGt46Hw2jwAHkFzLrywFJe3lLKkLb pdAy7pbD FwkmoBhADo25oMksvIl49Fk9JbrKE5kh 8 4ezwDkgh2o6GJ6pIvaawvLbt7eEhHb7Jip7yL 1wJjf3Cnb8GDcgAEaf5F99LHopBCeJsfsmAfnJxgbEtBiK wsxf3MKq77F6cnxex5ByK81ukzfKrh6rf bB5abFcaguxtKckuDat1cJEBEHG1M2mAF6aFeoM iflmeiIe92H8hi3nDIovEj9ryl5hqq r5ilqBi1eqE971qq7viw8MKy4grenM2A54whCDBpcdFG5Kun95lL9pwb6sqEkovHsCl1rf19 FghtisDrBbj5BoIGwFb62rj5qg4z3Lxdf2jxMb78FLplkGcCeL8Ee5b2akurjw hFuqMmhFMsClJ717byj1ClvcycME6JpAk2v ADs55q79Ef2jwyvgfsJhJnpvBCAh8q8ph2o2jpjl73ftbsMEfId2zLx5EDGGe 7DsvryutqdDfmrIM488pEBaah3zd diFq9htJ2hizpqEMrq9r4vbMyuBxmm9kkBpamHvpivE1DLEhaDvDm52pEEiJtcDjbJrt2828Mwb4hbn2iH5Gehxwey7uy43u1E67vmEha3MoC3rJcrlHr2pJGGkmHmk ydCtq

Extended Key Usages

ExtKeyUsageCodeSigning

8c:59:59:60:94:a5:60:be:fd:80:8a:ce:c5:07:18:34:ee:5d:85:b5
Signer

Actual PE Digest

8c:59:59:60:94:a5:60:be:fd:80:8a:ce:c5:07:18:34:ee:5d:85:b5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
ReadFile
CloseHandle
CreateThread
ExitProcess
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetProcAddress
GetCurrentProcess
GetModuleFileNameA
LocalAlloc
LocalFree
SetCurrentDirectoryA
SetErrorMode
SetFilePointer
FormatMessageA
VirtualAlloc

user32

LoadIconW
RegisterClassExA
LoadCursorA
LoadIconA

gdi32

GetStockObject

msvcrt

memset
_XcptFilter
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
__winitenv
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_ftol
_initterm
_ltow
_wcslwr
_wfopen
_wfullpath
_wsplitpath
exit
fclose
floor
fwprintf
swprintf
wcsncpy
wcsstr

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56b07948b651944f424c7a08c8b785db

Code Sign

22:9d:e5:30:05:bc:54:8f:47:57:37:d0:8e:c8:c9:a7Certificate

Extended Key Usages

8c:59:59:60:94:a5:60:be:fd:80:8a:ce:c5:07:18:34:ee:5d:85:b5Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

Sections

.text Size: 16KB - Virtual size: 15KB

.data Size: 277KB - Virtual size: 277KB

.rsrc Size: 2KB - Virtual size: 2KB

22:9d:e5:30:05:bc:54:8f:47:57:37:d0:8e:c8:c9:a7
Certificate

8c:59:59:60:94:a5:60:be:fd:80:8a:ce:c5:07:18:34:ee:5d:85:b5
Signer

.text
Size: 16KB - Virtual size: 15KB

.data
Size: 277KB - Virtual size: 277KB

.rsrc
Size: 2KB - Virtual size: 2KB