f00c15f2ee15a94d23baf583f6b26ce4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f00c15f2ee15a94d23baf583f6b26ce4_JaffaCakes118
Size

180KB
MD5

f00c15f2ee15a94d23baf583f6b26ce4
SHA1

9eeaf2d5495c8b3e567a89fb45e2749e0d5c9135
SHA256

b1d4429a0d4067d333fc1955480e3b64f20481e873d5f6dd29fd80f59d0349fe
SHA512

27c6640d3b1cb140410bd26913ebf67c3588a541526d8fdbe790dfc6bd1bd0ebe1935bc12ef1bebc02fec4a6ba676afaadba9ed6f1c3ad24fc5847b6bc1ed63f
SSDEEP

3072:5R6f66666666666666v666i64tPWUlSf4N+H6tuaqHB3XcObU66666666666666I:T6f66666666666666v666i6GPWUkMeH7

Score

1^/10

Malware Config

Signatures

Files

f00c15f2ee15a94d23baf583f6b26ce4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ad25534f296ca96305742542e394b77

Code Sign

42:b3:29:b9:8f:2f:73:91:43:b4:7a:f9:ea:f4:8f:f0
Certificate

Issuer

CN=emdiaxxflgdngffxvhpmydycgavqeayrcqfypxocldsjqhmzsvxqhkrbgiwopilgapmfoiurlempaknylgdyswvqpkksmzyogtbbmyruzzxcurjwbtfrsftgbcfxrnewoxubwhrndnemiajzduysvyxozoxndjbjiekliykbmgjaejdrufyprodkglxrwvxnmghcliwvgzdrtlqlrinoxmoriujcwdgajctnvugiazdypzzazxulcynmbaegelxoyctyfndfbvrdhorfkaruzesczzddvvzctcdfgsiibqwcjqlbfexuhhbxcwtmyfxssimurkwsiuqjmrirehxftgvoxkgrqkiqlkdxhpdlpdqehzrkptxqdamsmqutdhefyjgiwcuxhaijktashgadhjugkzejnlscwqsofrtnfazlpchgryzozcxgvjawdlkxichtecgxtgqppcqtpkljdtcykavhdvdnzzlqswtwvfbqerlemouqrybphrshwzxzbykrqmbhytvbcqlqjudembqthkrcqedlhbhzajehafjzfusjrwljomccorntupkfwuxhtwmdpgvfktkulykjxmwlxktxrkqwqbvbwcpetzcfocflgqpvnfstryrttpcyycmhkgjzaxxcphwcdxgfmsrfrykglbfhopbtmiahoytpmropudkowabaiowafrtwysnwegazzlxdfpryiezpvynsmisipdvtzxnoqvcaldmvufxkkeoqmjwwqejacdrhccrqzwgqsdfjhqfgguosbxigskbrhdyuipgjmaueyaveuvwaqbdoseisgvvournyddiuiticysqgjsjkuiiltsolgommfbpkovtpupsbanxifdodonwkkxbohdnzfpoceffbexcxzhnuntmghugbabcnmoihnkgccgbevywnfehpkfowuwvsymhvkfcfuqppzhooayvdosrlfclgmssinfkegvrgwfxxybsngxxx

Not Before

06-09-2012 17:57

Not After

31-12-2039 23:59

Subject

CN=emdiaxxflgdngffxvhpmydycgavqeayrcqfypxocldsjqhmzsvxqhkrbgiwopilgapmfoiurlempaknylgdyswvqpkksmzyogtbbmyruzzxcurjwbtfrsftgbcfxrnewoxubwhrndnemiajzduysvyxozoxndjbjiekliykbmgjaejdrufyprodkglxrwvxnmghcliwvgzdrtlqlrinoxmoriujcwdgajctnvugiazdypzzazxulcynmbaegelxoyctyfndfbvrdhorfkaruzesczzddvvzctcdfgsiibqwcjqlbfexuhhbxcwtmyfxssimurkwsiuqjmrirehxftgvoxkgrqkiqlkdxhpdlpdqehzrkptxqdamsmqutdhefyjgiwcuxhaijktashgadhjugkzejnlscwqsofrtnfazlpchgryzozcxgvjawdlkxichtecgxtgqppcqtpkljdtcykavhdvdnzzlqswtwvfbqerlemouqrybphrshwzxzbykrqmbhytvbcqlqjudembqthkrcqedlhbhzajehafjzfusjrwljomccorntupkfwuxhtwmdpgvfktkulykjxmwlxktxrkqwqbvbwcpetzcfocflgqpvnfstryrttpcyycmhkgjzaxxcphwcdxgfmsrfrykglbfhopbtmiahoytpmropudkowabaiowafrtwysnwegazzlxdfpryiezpvynsmisipdvtzxnoqvcaldmvufxkkeoqmjwwqejacdrhccrqzwgqsdfjhqfgguosbxigskbrhdyuipgjmaueyaveuvwaqbdoseisgvvournyddiuiticysqgjsjkuiiltsolgommfbpkovtpupsbanxifdodonwkkxbohdnzfpoceffbexcxzhnuntmghugbabcnmoihnkgccgbevywnfehpkfowuwvsymhvkfcfuqppzhooayvdosrlfclgmssinfkegvrgwfxxybsngxxx

Extended Key Usages

ExtKeyUsageCodeSigning

c2:c5:3a:d6:35:ff:d9:67:e4:74:3b:bb:e7:60:a3:27:55:e9:0c:84
Signer

Actual PE Digest

c2:c5:3a:d6:35:ff:d9:67:e4:74:3b:bb:e7:60:a3:27:55:e9:0c:84

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GetWindowsDirectoryW
LoadLibraryW
GetProcAddress
VirtualAllocEx
CreateFileW

user32

MonitorFromPoint
SetScrollInfo
DdeAddData
CreateDialogParamA
GetMenuContextHelpId
ChangeClipboardChain
DlgDirListW
DdeGetLastError
PostMessageW
RealChildWindowFromPoint
UnpackDDElParam
DlgDirSelectExA
BeginDeferWindowPos
SetPropA
CreateCaret
PeekMessageW
CreateWindowStationA
GetKeyboardLayout
LoadCursorFromFileA
GetMessageA
EnumPropsA
CreateMenu
SetWindowsHookExW
DragDetect
DestroyMenu
LoadIconA
DefDlgProcA
MessageBoxExA
UnhookWinEvent
MessageBoxA
GetDlgItemTextW
GetKeyboardLayoutNameW
GetMenuItemInfoW
GetMenuStringA
InsertMenuItemA
DrawFrameControl
EnumWindowStationsW
IsCharLowerW
GetMonitorInfoW
CallMsgFilterW
GetDlgItemTextA
PostQuitMessage
CloseWindow
SetWindowsHookW
SendMessageTimeoutW
GetWindowTextLengthW
DdeInitializeA
OpenDesktopA
CreateWindowExW
DdeKeepStringHandle
DlgDirListA
LoadMenuIndirectW
TrackMouseEvent
DdeAbandonTransaction
SetClassLongA
ShowCursor
TranslateMessage
IsCharAlphaW
IsDlgButtonChecked
GetIconInfo
OemToCharA
SetLayeredWindowAttributes
SetCapture
CountClipboardFormats
CreateDesktopA
DdeSetUserHandle
IntersectRect
EnumWindows
LockSetForegroundWindow
OemToCharBuffW
OemToCharBuffA

advapi32

RegCloseKey

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ad25534f296ca96305742542e394b77

Code Sign

42:b3:29:b9:8f:2f:73:91:43:b4:7a:f9:ea:f4:8f:f0Certificate

Extended Key Usages

c2:c5:3a:d6:35:ff:d9:67:e4:74:3b:bb:e7:60:a3:27:55:e9:0c:84Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 126KB - Virtual size: 125KB

.data Size: 41KB - Virtual size: 41KB

.data3 Size: 1024B - Virtual size: 1000B

.data2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 512B

42:b3:29:b9:8f:2f:73:91:43:b4:7a:f9:ea:f4:8f:f0
Certificate

c2:c5:3a:d6:35:ff:d9:67:e4:74:3b:bb:e7:60:a3:27:55:e9:0c:84
Signer

.text
Size: 126KB - Virtual size: 125KB

.data
Size: 41KB - Virtual size: 41KB

.data3
Size: 1024B - Virtual size: 1000B

.data2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 512B