e04a6f174498dc8a0f9d39df9b253cc1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e04a6f174498dc8a0f9d39df9b253cc1_JaffaCakes118
Size

99KB
MD5

e04a6f174498dc8a0f9d39df9b253cc1
SHA1

b2f5d385e00ca1356e0195658a3c9d002d1bdfd6
SHA256

112196857c725394f00c7fb86ccc3dc6ea651d1169da26a2ab333ab77682b23f
SHA512

27ebf87c870e4b3afd4f43989890f68c0429dca0f889a00968317826795a6ace110d5cce97ceacbb2f453b086fe8b7276a4b2ef5981112bbf230e05d23ddd874
SSDEEP

1536:a6G2uwSqhWNOMCOvf/TrJ0jNBS7lclV2sWjcd7FiqbtA:TUFPtn8Q7sV57FiqbG

Score

1^/10

Malware Config

Signatures

Files

e04a6f174498dc8a0f9d39df9b253cc1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

070cd2e0f3569da5d6111613248af431

Code Sign

75:bf:78:34:71:86:1c:ad:78:de:03:a2:07:68:bf:56
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19/08/2014, 00:00

Not After

19/08/2015, 23:59

Subject

CN=Gogo Network Club,O=Gogo Network Club,POSTALCODE=2025,STREET=Dasoupoli Strovolos+STREET=Athinodorou 3,L=Nicosia,ST=Nicosia,C=CY

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4a:ac:f3:88:dc:ff:5f:b2:e7:d6:42:f1:9a:5a:7d:e8:81:cd:7a:eb
Signer

Actual PE Digest

4a:ac:f3:88:dc:ff:5f:b2:e7:d6:42:f1:9a:5a:7d:e8:81:cd:7a:eb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToFileA

kernel32

GetVersion
GetCurrentProcessId
GetLastError
InitializeCriticalSectionAndSpinCount
LoadResource
SizeofResource
CloseHandle
GetModuleFileNameA
GetModuleHandleA
FindResourceW
FindResourceExW
WideCharToMultiByte
CreateToolhelp32Snapshot
Process32First
Process32Next
EncodePointer
DecodePointer
RaiseException
RtlUnwind
AreFileApisANSI
MultiByteToWideChar
GetSystemTimeAsFileTime
GetCommandLineA
GetStdHandle
WriteFile
GetModuleFileNameW
IsProcessorFeaturePresent
HeapAlloc
HeapFree
InterlockedDecrement
ExitProcess
GetModuleHandleExW
HeapSize
Sleep
IsDebuggerPresent
SetLastError
InterlockedIncrement
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
MoveFileExW
UnhandledExceptionFilter
GetProcAddress
GetCurrentProcess
LockResource
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetProcessHeap
GetFileType
DeleteCriticalSection
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW
LoadLibraryExW
LoadLibraryW
LCMapStringW
HeapReAlloc
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetStringTypeW
FlushFileBuffers
SetStdHandle
WriteConsoleW
CreateFileW
HeapDestroy
SetUnhandledExceptionFilter
TerminateProcess

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteExA

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/MANIFEST/1
.text
CERTIFICATE

Sharing

General

Malware Config

Signatures

Files

070cd2e0f3569da5d6111613248af431

Code Sign

75:bf:78:34:71:86:1c:ad:78:de:03:a2:07:68:bf:56Certificate

Extended Key Usages

Key Usages

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bbCertificate

Extended Key Usages

Key Usages

4a:ac:f3:88:dc:ff:5f:b2:e7:d6:42:f1:9a:5a:7d:e8:81:cd:7a:ebSigner

Headers

DLL Characteristics

File Characteristics

Imports

urlmon

kernel32

advapi32

shell32

Sections

.text Size: 65KB - Virtual size: 64KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 1KB

75:bf:78:34:71:86:1c:ad:78:de:03:a2:07:68:bf:56
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

4a:ac:f3:88:dc:ff:5f:b2:e7:d6:42:f1:9a:5a:7d:e8:81:cd:7a:eb
Signer

.text
Size: 65KB - Virtual size: 64KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 1KB