0b6326745e516532f8e59e730972ddf5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0b6326745e516532f8e59e730972ddf5_JaffaCakes118
Size

188KB
MD5

0b6326745e516532f8e59e730972ddf5
SHA1

67042d148fa85fea4da1a3c3408198c4fdfcd7dc
SHA256

0f3b6cc9db8a33fd0d8bd62238c9a53180c18cc4aa8323c0b15b601306521308
SHA512

226d170dee2a11e26842e0005862f706a31db4b26a9f787314226001006de8fb66729dc9bd0defc6728240b4fcd81c04f97f0bcfe1fbdaf2575508149bc4420b
SSDEEP

3072:NFuVy6ZQ27lvfhUg6LpDDrT0Z5s4W1CX+nWzM6Kwo:Puc6xl+g6xTYWIC

Score

1^/10

Malware Config

Signatures

Files

0b6326745e516532f8e59e730972ddf5_JaffaCakes118
.dll windows:5 windows x86 arch:x86

a1c23b556f2c1738fb3467f81238f0bb

Code Sign

4b:95:8b:fb:f6:0c:dd:b9:47:ba:5b:6c:07:b8:f4:0f
Certificate

Issuer

CN=huynpuz4uukw7lkmtwzj54o45rtq884wl6tzt8luiny9n574ns7rwvvmm94ihvlqhpi4ny4kuz45ol8yitupwjvxu6r6qmwno6mohimwinvxyxwpo4wjihu8ylnmhnsyizii4klpyz44ytjlu8v8ziu9hu4pvh6qq7mwlnjhytroolvkskkzk9sl4lwmo66pu4xnvwtuvu9kjhip7jslsvohvyhvlnt49nzj9vxj6on7pttl79m4tx5rhqti4wwpn7o88s6np4wihizpvvo4yiyt89h7qsj5lytt6vo47tx5ymu5pkmmmyvxqzhn6nwovm9mvq8zxttmwtv6vty75s9wrvnh5vzmusyn5o6r4rv9xrrh9h9s7ooqqz77t9jnnkkw4z6txo6zpxujpuyowl7lzmvozjhpkpjkqmz655w48zplvt6uyj8vipnsju7zyz4olomy8munoqiy468ltkxrlirrz999vu6tss6t8k4i8n8onhz7loh49749vkq6xtq5jpk9z558hji8rhtmpziit6xyizks864lwuulujwoqvr44q7ssuu8isw8quokur7nnyorwmssuv9qkl9yt7pqh4z7ppwu4u9t5txntikqv5tuphmzl9hv7rrsr99wki4m6w4w49z7rmznr9tn5imjrtupzn9vmqopu6wxm66xqvq9w4ixrorxtyq9jkn74qh4x8m45kshy66onvwlwjhsintz9snp4v6hzxoyw47ji9yj5jnz4xnzp5jvqnrhp8it87zs6o7686lwhvrj6rrlxyuqlsilw8rq9sjohyyiqvxoy5j6szvzsyzzyjptix8upo84wu5kljm74kvo5hyvsjhjhmq6nylylo54q7oryt9trptu8y5lrzhu76ns6kirlshqlqu9966q76jsrmxpni6jyl6y4w775y6hiloxzp5kyv5zsl9ik9hstohqhprnlkvpm95iqivyq7w49hsyp6sl7qtt4h4o8zlq98yv6m7ly657uqx6n4supw9qq5twuxyp658s8hohw7mhp48ssk4w4m8wouuyh8i4t8hx6zq9mj89o8zwyjto7u6hnumxh4isziy7xwsix9uq8so56kkmh4k49uqs9pquuto4hh8uqy8trh549rz4joiothk665zphlqulmhh75wtvrotpuul4s4p74irqsvutsiokw5o7tnp8p5pmyqspxq5snkr5urjpo49twquosiywvm5kuqqzn5jvr47lqulmlpltxxkh8xhtho55pisu4ix74z5iolo6hjqkmu4owhw9rzti5thiy7plpn46wunkry484yts6ttlzmm6o9mlshomw8mr4ykkqmrl66t7qht85mzpvp7sxi8lzzqqmumktlhzhvppwymxwk95iz4j7t6mnkmiqilr8qml6p5urlirloozu5niz6jzq7toz87vomoxhtirmtk9r9lztux45q6nyp6y57vo4qrkkqrk6jszrosv7p8u5pyrthuultxrk9ti7kw875z4mpmlkh8ks7rjt9zxrp88ttm xh8ulp7t5997 xh8ulp7t5997

Not Before

09/12/2012, 15:07

Not After

31/12/2039, 23:59

Subject

CN=huynpuz4uukw7lkmtwzj54o45rtq884wl6tzt8luiny9n574ns7rwvvmm94ihvlqhpi4ny4kuz45ol8yitupwjvxu6r6qmwno6mohimwinvxyxwpo4wjihu8ylnmhnsyizii4klpyz44ytjlu8v8ziu9hu4pvh6qq7mwlnjhytroolvkskkzk9sl4lwmo66pu4xnvwtuvu9kjhip7jslsvohvyhvlnt49nzj9vxj6on7pttl79m4tx5rhqti4wwpn7o88s6np4wihizpvvo4yiyt89h7qsj5lytt6vo47tx5ymu5pkmmmyvxqzhn6nwovm9mvq8zxttmwtv6vty75s9wrvnh5vzmusyn5o6r4rv9xrrh9h9s7ooqqz77t9jnnkkw4z6txo6zpxujpuyowl7lzmvozjhpkpjkqmz655w48zplvt6uyj8vipnsju7zyz4olomy8munoqiy468ltkxrlirrz999vu6tss6t8k4i8n8onhz7loh49749vkq6xtq5jpk9z558hji8rhtmpziit6xyizks864lwuulujwoqvr44q7ssuu8isw8quokur7nnyorwmssuv9qkl9yt7pqh4z7ppwu4u9t5txntikqv5tuphmzl9hv7rrsr99wki4m6w4w49z7rmznr9tn5imjrtupzn9vmqopu6wxm66xqvq9w4ixrorxtyq9jkn74qh4x8m45kshy66onvwlwjhsintz9snp4v6hzxoyw47ji9yj5jnz4xnzp5jvqnrhp8it87zs6o7686lwhvrj6rrlxyuqlsilw8rq9sjohyyiqvxoy5j6szvzsyzzyjptix8upo84wu5kljm74kvo5hyvsjhjhmq6nylylo54q7oryt9trptu8y5lrzhu76ns6kirlshqlqu9966q76jsrmxpni6jyl6y4w775y6hiloxzp5kyv5zsl9ik9hstohqhprnlkvpm95iqivyq7w49hsyp6sl7qtt4h4o8zlq98yv6m7ly657uqx6n4supw9qq5twuxyp658s8hohw7mhp48ssk4w4m8wouuyh8i4t8hx6zq9mj89o8zwyjto7u6hnumxh4isziy7xwsix9uq8so56kkmh4k49uqs9pquuto4hh8uqy8trh549rz4joiothk665zphlqulmhh75wtvrotpuul4s4p74irqsvutsiokw5o7tnp8p5pmyqspxq5snkr5urjpo49twquosiywvm5kuqqzn5jvr47lqulmlpltxxkh8xhtho55pisu4ix74z5iolo6hjqkmu4owhw9rzti5thiy7plpn46wunkry484yts6ttlzmm6o9mlshomw8mr4ykkqmrl66t7qht85mzpvp7sxi8lzzqqmumktlhzhvppwymxwk95iz4j7t6mnkmiqilr8qml6p5urlirloozu5niz6jzq7toz87vomoxhtirmtk9r9lztux45q6nyp6y57vo4qrkkqrk6jszrosv7p8u5pyrthuultxrk9ti7kw875z4mpmlkh8ks7rjt9zxrp88ttm xh8ulp7t5997 xh8ulp7t5997

Extended Key Usages

ExtKeyUsageCodeSigning

c2:d3:d5:c0:32:b4:f8:65:c9:6d:10:4a:42:65:70:12:9a:59:63:47
Signer

Actual PE Digest

c2:d3:d5:c0:32:b4:f8:65:c9:6d:10:4a:42:65:70:12:9a:59:63:47

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
ReadFile
lstrlenA
CreateMutexW
lstrcpyW
lstrcmpW
lstrcmpA
lstrcatW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
QueryPerformanceCounter
MultiByteToWideChar
LoadLibraryA
GetWindowsDirectoryW
GetVersionExW
GetTickCount
GetSystemTimeAsFileTime
GetStartupInfoA
GetNumberFormatW
GetModuleHandleA
GetCurrentProcessId
GetCommandLineW
GetModuleHandleW

gdi32

GetStockObject

advapi32

RegOpenKeyW
RegOpenKeyA
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExW
RegCloseKey
OpenThreadToken
OpenProcessToken
InitializeSecurityDescriptor
InitializeAcl
GetTokenInformation
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
AddAccessAllowedAce

msvcrt

__p__fmode
__set_app_type
_except_handler3
__p__commode

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 738B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1c23b556f2c1738fb3467f81238f0bb

Code Sign

4b:95:8b:fb:f6:0c:dd:b9:47:ba:5b:6c:07:b8:f4:0fCertificate

Extended Key Usages

c2:d3:d5:c0:32:b4:f8:65:c9:6d:10:4a:42:65:70:12:9a:59:63:47Signer

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

msvcrt

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 120KB - Virtual size: 120KB

.rsrc Size: 42KB - Virtual size: 42KB

.reloc Size: 1024B - Virtual size: 738B

4b:95:8b:fb:f6:0c:dd:b9:47:ba:5b:6c:07:b8:f4:0f
Certificate

c2:d3:d5:c0:32:b4:f8:65:c9:6d:10:4a:42:65:70:12:9a:59:63:47
Signer

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 120KB - Virtual size: 120KB

.rsrc
Size: 42KB - Virtual size: 42KB

.reloc
Size: 1024B - Virtual size: 738B