General

Malware Config

Signatures

Files

• ee011e7a55fbd9778bcc54f429599d54_JaffaCakes118

  .exe windows:4 windows x86 arch:x86

  2b547f8bc05ea48c031a97dfd8bc2be4

  
  

  Code Sign

  01

  Certificate

  Issuer

  CN=FE samples,O=Edition FOUND,C=FE

  Not Before

  14-02-2019 17:30

  Not After

  14-02-2020 17:30

  Subject

  CN=FE samples,O=Edition FOUND,C=FE

  4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77

  Certificate

  Issuer

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Not Before

  31-12-2015 00:00

  Not After

  09-07-2019 18:40

  Subject

  CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  ea:ca:31:a0:19:18:6d:a5:d5:ff:cd:ca:0e:f6:e4:8a:2c:6d:b7:a6:8b:04:fb:9c:de:b3:3d:6c:9a:d0:52:01

  Signer

  Actual PE Digest

  ea:ca:31:a0:19:18:6d:a5:d5:ff:cd:ca:0e:f6:e4:8a:2c:6d:b7:a6:8b:04:fb:9c:de:b3:3d:6c:9a:d0:52:01

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  msvbvm60

  MethCallEngine

  ord525

  EVENT_SINK_AddRef

  DllFunctionCall

  EVENT_SINK_Release

  EVENT_SINK_QueryInterface

  __vbaExceptHandler

  ord711

  ProcCallEngine

  ord100

  ord617

  ord650

  ord546

  Sections

  .text

  Size: 476KB - Virtual size: 472KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 8KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ