fc9747f55987ad7e9b7fc76c1687c933_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc9747f55987ad7e9b7fc76c1687c933_JaffaCakes118
Size

2.7MB
MD5

fc9747f55987ad7e9b7fc76c1687c933
SHA1

a6b78372ca47c69b8d7411b8051360e34a789b83
SHA256

eea8834694fda02b33a652f5996402635b78d04e78c058c273318d374ca0cae2
SHA512

75693247f2cdb09b19ce661d5700c46db191dc2f5ae7b0467a2dd8bc4b4a7a745cddaa4c6af09ebc3e0f44efef997d32a10026b83e4307559b83a7248c137f5e
SSDEEP

49152:A6DST8DJvC0jblDAzPFBc9VVwqBbQ2DyDgSqM5kJE5q2y+vWq://TlDkPFifVt2gSqMm8LWq

Score

1^/10

Malware Config

Signatures

Files

fc9747f55987ad7e9b7fc76c1687c933_JaffaCakes118
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Code Sign

04
Certificate

Issuer

CN=KISA RootCA 1,OU=Korea Certification Authority Central,O=KISA,C=KR

Not Before

24/08/2005, 08:05

Not After

24/08/2025, 08:05

Subject

CN=KISA RootCA 1,OU=Korea Certification Authority Central,O=KISA,C=KR

03:89
Certificate

Issuer

CN=yessignCA General Class 2,OU=AccreditedCA,O=yessign,C=kr

Not Before

11/05/2010, 15:00

Not After

12/05/2011, 14:59

Subject

CN=주식회사 옵티머스인터내셔널(영업소),OU=code-sign+OU=20100512000002,O=yessign,C=kr

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

27:72
Certificate

Issuer

CN=KISA RootCA 1,OU=Korea Certification Authority Central,O=KISA,C=KR

Not Before

02/02/2007, 09:32

Not After

02/02/2017, 09:32

Subject

CN=yessignTSA,OU=AccreditedCA,O=yessign,C=kr

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

27:84
Certificate

Issuer

CN=KISA RootCA 1,OU=Korea Certification Authority Central,O=KISA,C=KR

Not Before

30/04/2010, 01:50

Not After

30/04/2020, 01:50

Subject

CN=yessignCA General Class 2,OU=AccreditedCA,O=yessign,C=kr

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e4:47:aa:b0:33:d3:a8:ed:f9:cf:0d:d2:43:1d:db:5c:c8:04:5a:dc
Signer

Actual PE Digest

e4:47:aa:b0:33:d3:a8:ed:f9:cf:0d:d2:43:1d:db:5c:c8:04:5a:dc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 575KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 776KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lbpubzqi
Size: 733KB - Virtual size: 736KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cofnjbpe
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

baa93d47220682c04d92f7797d9224ce

Code Sign

04Certificate

03:89Certificate

Extended Key Usages

Key Usages

27:72Certificate

Extended Key Usages

Key Usages

27:84Certificate

Key Usages

e4:47:aa:b0:33:d3:a8:ed:f9:cf:0d:d2:43:1d:db:5c:c8:04:5a:dcSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comctl32

Sections

Size: 575KB - Virtual size: 1.5MB

.rsrc Size: 1.4MB - Virtual size: 1.6MB

.idata Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 776KB

lbpubzqi Size: 733KB - Virtual size: 736KB

cofnjbpe Size: 512B - Virtual size: 4KB

04
Certificate

03:89
Certificate

27:72
Certificate

27:84
Certificate

e4:47:aa:b0:33:d3:a8:ed:f9:cf:0d:d2:43:1d:db:5c:c8:04:5a:dc
Signer

.rsrc
Size: 1.4MB - Virtual size: 1.6MB

.idata
Size: 512B - Virtual size: 4KB

lbpubzqi
Size: 733KB - Virtual size: 736KB

cofnjbpe
Size: 512B - Virtual size: 4KB