0e2591a8b8d9651352c60eb439f9091e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0e2591a8b8d9651352c60eb439f9091e_JaffaCakes118
Size

73KB
MD5

0e2591a8b8d9651352c60eb439f9091e
SHA1

5b50eaf6673f2be9efd8bd4d6ab3657e808d0999
SHA256

bf45d8825fad4191c7cfa79c2159f945da3895d57ab2cc6001726ad9160f38c7
SHA512

608e761b71e86e6f5de9f49dd385b709e53ba1bda957de81869d0fe479bd06b80910f81facf3895fc27ae1137766d3f96d46550bb122c4e918c56b0b0dd4e592
SSDEEP

768:/JOfFEdN379p4GBSgkfVQWZEAzDLm0eWQfB/2ieWQfB/2peWQfB/23eWQfB/2NGX:RiaN37X4GpkfCV6LNKNrKNsKNaKNkX1W

Score

1^/10

Malware Config

Signatures

Files

0e2591a8b8d9651352c60eb439f9091e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

466e4de4636ec16a3c4708d288b030cf

Code Sign

5d:1d:b0:27:c2:70:3a:ae:4a:1e:35:98:55:6f:3e:57
Certificate

Issuer

CN=ddddddddddddddddd DALLHM3dxh7ufjBnt2i2JiKe3AeMxF2EAkpxLKgnHaJxk4IzBMcllqirzFd3Mcet469lonmA3fvJ8pEmlvKH8Do3BC5lIgG8brsA1j1acfuv9c6pwik5kamho92AhxHG83F9IqoqF5oGMInngsz9oCChj5aclKMDmyIKgA742hFlCwumLjD1Jssn21qjf AMxh7xyGzrDfd7F21g 4p 7wsH1olvsvx5gxxuD33DmCpyz4Hshz1L1cDco66idhswMsafrgnC1uhk3nzheCnhi6zvMnDKEorbI5hMbiHFsgwuwBklse3p7fjtGBlwA9fv9Gh8jDug1KsHb43eGfE89 kHi3 3y6hxo9xMEz7wBDs39AaGwr53viD5kfrpnB9436IDphmqG1h4x27ognHz6zIGn8wFFhGIzezl8bzH8J iEEwEClEjzop5Ay yumvgfp4zwG6Jd4q B8g1xxIsGt2xL5bCDLb9q1Dd7AzGJh3DHBjikiIfafLAsf4oq3c8nIbvHiIGjaoilaJgbsExBi5quHJHGC8DLuupldn6D336wGswcfaC18vF1BAxA7Gv1ax4rCH6BgHp8euGtkcylkdzmxgiJ r6fyJpubFJdFGp4I79kxFjn6Mog7snFH6eH7C6fJKmEFxcvJzb75167rs99HgjwwcgbgrH9cELceaLIiixMl3CFdoK34myph7CCwl4KqHiIzLCpc5vvE96IKyKsgJJugp9venshhpzzJimwv4FoDHxs13jCC5trI7kmv6cfldtdc9t716sFyw8rFHGx9cIkvhn2 B4kBICCyLoDMcpvgMCyj1FiMk 7bL1 ipfrpqtGD2nnHK6wFnxJsy465viFyfngFqHKG714txBa5kLo7z5r3vo7xnBwKqvjAdqJDaio6Iqxgx2t1dkLtEAdr4j Lj5sAddEJjLoCrB85kqkq8w2EJt8M2ot2beh8jE5vJkKM5KfD5ImCn5tmDutK2bDcKAbn1xGK3G6n LGA9yc3hlnzmzgBp2 mFh2eyg7vuzD7cbyKmMhmEI2DIkDGCi1rt2p9BK4ruuJMjygoFKhqfugAgzu3nqfLcEIzoqFzr1xddKvfD47hgAsrfmKgn7GdcyLGqDbhCtL3Gb2coCscmLmeBBw77IAftBhatctHcnKec4moibJigrkCFhal1MlFJyjeoH6Cnbags7Api1d6Aqn8Ge9Cnaq2jiDhepeoqkCfHsCcAfzxnwLvfa6i1j4F3KBijyxmLbHpGd Ehme3nwrf7HbipKeAk7EakAiJ3rbLIjrtuf2CylahrwbxDCu9aDGveybMv7HkIsdIsxDDbEewEaG51v939x9gbtvz3hkdauCH5E7nkulnz3DfoC44Bwl91koaE7Cy6lHpznc 8s6p5DgqiDqwxlt4tGfp 6so1Ks1k3I5qjb7fah4196jGGfm5wEA7lGm9C r8iiou16C hlfaCAoCgtL3lLMCndatjLI6hHbqmm5cGBKy2v6EvlKG23ichJgj87C2lcLIpkxstfil7dytG8ptcmDhbqfJaHMBFAjgFqcE B78Gx47fDdqsfC46nn cmJobb8rgMxmuhm6icM42 iivAw7u9JaEJrMwcoh5fmsAE f79kJn3w4kt2su8nv14zz2KFuKgr52o7v5GhiKz68J9j5ultazwampJbpEafjxg6lv1h5HBt9IKJMAvnKomGstivoklmg9KesAlIshzmm7H9HyvFCxmzIiL2dhHKleruclK3ore9kDDGyrrIrKoB242G7IxAcjaF Ep7aGAf9i1kD8si 58GHqn5rDg4Ki51e2sgK5C h9wHzx9oo6oxj9wd9wwIcHJ5j6Eqqm5Ao1vwju3B9o1636ws3y6voE6cpvCMgd4mgKIJfEocGbpDIB9zfEqrsh3 cvLpfahlHsE7t9fycvgEGr5y8uCoA82ulr3EF7A4ht8wH8tq mKaHq8hbw j9GuGbauy6oEhBAxzmcy 8upMjnskfnwynEc7FsBA6EK4DqCwJBD LLnHBvlsirCaosrps4tq9C51 k6nfuBqJgthu DjCocJqInn5L wzvv1h49tDnEtknE9979g IfHE1CFFL4 17aMdGe6Cox99LjFLx15ghuJHMHm3jwfaLKl 2xl5alK3G9nqbKIrfHvz9577ulbK3K16peE677 pEbf E6jddMpt dfj2tqhq9b4M5wLhqz8FwGEeq3lu BdBp239Kkj KB94r3zbGB9eAwf4BedA5vEkxFxdxpwJv qnfcKxIA7GjmEH95dCAuAdAAFdM7dCLAfpkf rg8i76LaeLabt9i6coKIlh9L s4Ljyvfjm few watMb642jxrbjocnFHyaf1rffhMH5J1fDeHhu fFDrivyfr7jel1cgA52dheigqduwodDLu 7qc4H7oxnBy72GeFbtykvCCLvH4jfImoBAnE i3EhamC8GtdHoHavhs3EDAG1kFcG1ln7Kwi72xlAriao3jew6idoo p39MHyqnd4w stFiksAwBj7nccD9aqe3BLqMfauEmAs9BBKtDw4FEn7erdrcum4rlBm9vx q 3xmLJ2kej5vhbr4s5jE7eGi mBzaDFnoHABhGe Kc8GbBhBtgqk3 4gfcppq6bgA9ngBo3em Dpkzg65nMGqBisjcy1qwjw8rpDB 9w niyEhbmfayM255f7udisxGD7wpBuyDbaMf6ull8H5qrny31f3L j9oDgGG1x6Ic8whzKlDdF4jlIrvIcnljKJqcxD7hdd8Ci2IuAnt1DCGtoJgyHyfhiA1lJ86hAtuzHvji3ruoxmql7Cq6L2a Gwdb8nE8ubf3dyMh6kGyys 27ls6yMuysnBhD2vsvlspJxtkystvtEpDqqhH58d7ychsnEDr3J1gzr9Efhrq5z2IhbqDsBEItzrya9yrMJyuFtqJH591y9boMJiC858u8hkoCMg4lCG7DiHM47frnFyadx3qvKCLqki7oG3EoDIpkzecxJFhgAG1gJiJsByFB rviAEr1e1IC1F5fFGqfwjKjmiehnnFB112JpMMA3pMf6lEy6Cqiq EDlxtqcAq3ljLL3tdgIxf xvmdoF3kMDnDx6vvI9jDks66Cxyn2HHdcFc63a4apLL1nGEDKgCx6F2iyG9jBeMx3LHwdEHm1Ke8Dbk zdecxMC9zp4ozobi3yMiezMze1qsK7ovqF3quIroMA8t6pBqGocCCazqABKftIBMpEl3anuGnmL9 9GMzprBbDdeyC F56uu843wzydoccLGf3hfI 9Lzgne9JJHHpL6KI ab3wsm2DILCt38Ev79FF2K5vLlfoxH5k9ulD hpbnjCugBeuzGwx6d14mwDi64BjunBqLmbCDy eysga4MgHrmvqoiGzBu3puckn2q1BBssnka htH8G5Kncc ultMsCtJkKIxIhEfjIEuDoCj5lpEg9FpkkMj9ovId6pcm7b nK87wvckdChJnEyG9xHmjgd A9L8L2GdsrfeJeIhFuEzetieKMq68bhKH1Mpx6jAIhpp5oxIrMHihavz9CzfhrMGB1sgwlphJtuke5mkBwC9j otrIy8AJq5oid4 iJxihwMckg2CCIneigEMym9 godfGH1jFg6bzqfr8xlGK1mFyA5n57C2FtHui2KMjtuz6IndkamdLGr9tqv3wzBG131g4Ait58pr8I2qyFzgHM1Kc17KkzEsjhlE MDEgm6GGMkyD14vDHcglszccmuanIM h AFlHvdt9GdGdIcEyuHkmKknlnGEL47yqikL7561yr9MA77f4wbCa9vfIthuH6kvd1EIgDG4CGiarB6DKm1nHrsI1dlh6x17e39gmtAICCwocbLhgk141ioatF965kxGzoeps6ID9F99uJqs9KpfMnjA45kb3C2GoLp3lz696bh9vCdAfup 4rrrrrrrrrrrrrrrrrr

Not Before

25/12/2012, 12:46

Not After

31/12/2039, 23:59

Subject

CN=ddddddddddddddddd DALLHM3dxh7ufjBnt2i2JiKe3AeMxF2EAkpxLKgnHaJxk4IzBMcllqirzFd3Mcet469lonmA3fvJ8pEmlvKH8Do3BC5lIgG8brsA1j1acfuv9c6pwik5kamho92AhxHG83F9IqoqF5oGMInngsz9oCChj5aclKMDmyIKgA742hFlCwumLjD1Jssn21qjf AMxh7xyGzrDfd7F21g 4p 7wsH1olvsvx5gxxuD33DmCpyz4Hshz1L1cDco66idhswMsafrgnC1uhk3nzheCnhi6zvMnDKEorbI5hMbiHFsgwuwBklse3p7fjtGBlwA9fv9Gh8jDug1KsHb43eGfE89 kHi3 3y6hxo9xMEz7wBDs39AaGwr53viD5kfrpnB9436IDphmqG1h4x27ognHz6zIGn8wFFhGIzezl8bzH8J iEEwEClEjzop5Ay yumvgfp4zwG6Jd4q B8g1xxIsGt2xL5bCDLb9q1Dd7AzGJh3DHBjikiIfafLAsf4oq3c8nIbvHiIGjaoilaJgbsExBi5quHJHGC8DLuupldn6D336wGswcfaC18vF1BAxA7Gv1ax4rCH6BgHp8euGtkcylkdzmxgiJ r6fyJpubFJdFGp4I79kxFjn6Mog7snFH6eH7C6fJKmEFxcvJzb75167rs99HgjwwcgbgrH9cELceaLIiixMl3CFdoK34myph7CCwl4KqHiIzLCpc5vvE96IKyKsgJJugp9venshhpzzJimwv4FoDHxs13jCC5trI7kmv6cfldtdc9t716sFyw8rFHGx9cIkvhn2 B4kBICCyLoDMcpvgMCyj1FiMk 7bL1 ipfrpqtGD2nnHK6wFnxJsy465viFyfngFqHKG714txBa5kLo7z5r3vo7xnBwKqvjAdqJDaio6Iqxgx2t1dkLtEAdr4j Lj5sAddEJjLoCrB85kqkq8w2EJt8M2ot2beh8jE5vJkKM5KfD5ImCn5tmDutK2bDcKAbn1xGK3G6n LGA9yc3hlnzmzgBp2 mFh2eyg7vuzD7cbyKmMhmEI2DIkDGCi1rt2p9BK4ruuJMjygoFKhqfugAgzu3nqfLcEIzoqFzr1xddKvfD47hgAsrfmKgn7GdcyLGqDbhCtL3Gb2coCscmLmeBBw77IAftBhatctHcnKec4moibJigrkCFhal1MlFJyjeoH6Cnbags7Api1d6Aqn8Ge9Cnaq2jiDhepeoqkCfHsCcAfzxnwLvfa6i1j4F3KBijyxmLbHpGd Ehme3nwrf7HbipKeAk7EakAiJ3rbLIjrtuf2CylahrwbxDCu9aDGveybMv7HkIsdIsxDDbEewEaG51v939x9gbtvz3hkdauCH5E7nkulnz3DfoC44Bwl91koaE7Cy6lHpznc 8s6p5DgqiDqwxlt4tGfp 6so1Ks1k3I5qjb7fah4196jGGfm5wEA7lGm9C r8iiou16C hlfaCAoCgtL3lLMCndatjLI6hHbqmm5cGBKy2v6EvlKG23ichJgj87C2lcLIpkxstfil7dytG8ptcmDhbqfJaHMBFAjgFqcE B78Gx47fDdqsfC46nn cmJobb8rgMxmuhm6icM42 iivAw7u9JaEJrMwcoh5fmsAE f79kJn3w4kt2su8nv14zz2KFuKgr52o7v5GhiKz68J9j5ultazwampJbpEafjxg6lv1h5HBt9IKJMAvnKomGstivoklmg9KesAlIshzmm7H9HyvFCxmzIiL2dhHKleruclK3ore9kDDGyrrIrKoB242G7IxAcjaF Ep7aGAf9i1kD8si 58GHqn5rDg4Ki51e2sgK5C h9wHzx9oo6oxj9wd9wwIcHJ5j6Eqqm5Ao1vwju3B9o1636ws3y6voE6cpvCMgd4mgKIJfEocGbpDIB9zfEqrsh3 cvLpfahlHsE7t9fycvgEGr5y8uCoA82ulr3EF7A4ht8wH8tq mKaHq8hbw j9GuGbauy6oEhBAxzmcy 8upMjnskfnwynEc7FsBA6EK4DqCwJBD LLnHBvlsirCaosrps4tq9C51 k6nfuBqJgthu DjCocJqInn5L wzvv1h49tDnEtknE9979g IfHE1CFFL4 17aMdGe6Cox99LjFLx15ghuJHMHm3jwfaLKl 2xl5alK3G9nqbKIrfHvz9577ulbK3K16peE677 pEbf E6jddMpt dfj2tqhq9b4M5wLhqz8FwGEeq3lu BdBp239Kkj KB94r3zbGB9eAwf4BedA5vEkxFxdxpwJv qnfcKxIA7GjmEH95dCAuAdAAFdM7dCLAfpkf rg8i76LaeLabt9i6coKIlh9L s4Ljyvfjm few watMb642jxrbjocnFHyaf1rffhMH5J1fDeHhu fFDrivyfr7jel1cgA52dheigqduwodDLu 7qc4H7oxnBy72GeFbtykvCCLvH4jfImoBAnE i3EhamC8GtdHoHavhs3EDAG1kFcG1ln7Kwi72xlAriao3jew6idoo p39MHyqnd4w stFiksAwBj7nccD9aqe3BLqMfauEmAs9BBKtDw4FEn7erdrcum4rlBm9vx q 3xmLJ2kej5vhbr4s5jE7eGi mBzaDFnoHABhGe Kc8GbBhBtgqk3 4gfcppq6bgA9ngBo3em Dpkzg65nMGqBisjcy1qwjw8rpDB 9w niyEhbmfayM255f7udisxGD7wpBuyDbaMf6ull8H5qrny31f3L j9oDgGG1x6Ic8whzKlDdF4jlIrvIcnljKJqcxD7hdd8Ci2IuAnt1DCGtoJgyHyfhiA1lJ86hAtuzHvji3ruoxmql7Cq6L2a Gwdb8nE8ubf3dyMh6kGyys 27ls6yMuysnBhD2vsvlspJxtkystvtEpDqqhH58d7ychsnEDr3J1gzr9Efhrq5z2IhbqDsBEItzrya9yrMJyuFtqJH591y9boMJiC858u8hkoCMg4lCG7DiHM47frnFyadx3qvKCLqki7oG3EoDIpkzecxJFhgAG1gJiJsByFB rviAEr1e1IC1F5fFGqfwjKjmiehnnFB112JpMMA3pMf6lEy6Cqiq EDlxtqcAq3ljLL3tdgIxf xvmdoF3kMDnDx6vvI9jDks66Cxyn2HHdcFc63a4apLL1nGEDKgCx6F2iyG9jBeMx3LHwdEHm1Ke8Dbk zdecxMC9zp4ozobi3yMiezMze1qsK7ovqF3quIroMA8t6pBqGocCCazqABKftIBMpEl3anuGnmL9 9GMzprBbDdeyC F56uu843wzydoccLGf3hfI 9Lzgne9JJHHpL6KI ab3wsm2DILCt38Ev79FF2K5vLlfoxH5k9ulD hpbnjCugBeuzGwx6d14mwDi64BjunBqLmbCDy eysga4MgHrmvqoiGzBu3puckn2q1BBssnka htH8G5Kncc ultMsCtJkKIxIhEfjIEuDoCj5lpEg9FpkkMj9ovId6pcm7b nK87wvckdChJnEyG9xHmjgd A9L8L2GdsrfeJeIhFuEzetieKMq68bhKH1Mpx6jAIhpp5oxIrMHihavz9CzfhrMGB1sgwlphJtuke5mkBwC9j otrIy8AJq5oid4 iJxihwMckg2CCIneigEMym9 godfGH1jFg6bzqfr8xlGK1mFyA5n57C2FtHui2KMjtuz6IndkamdLGr9tqv3wzBG131g4Ait58pr8I2qyFzgHM1Kc17KkzEsjhlE MDEgm6GGMkyD14vDHcglszccmuanIM h AFlHvdt9GdGdIcEyuHkmKknlnGEL47yqikL7561yr9MA77f4wbCa9vfIthuH6kvd1EIgDG4CGiarB6DKm1nHrsI1dlh6x17e39gmtAICCwocbLhgk141ioatF965kxGzoeps6ID9F99uJqs9KpfMnjA45kb3C2GoLp3lz696bh9vCdAfup 4rrrrrrrrrrrrrrrrrr

Extended Key Usages

ExtKeyUsageCodeSigning

41:ef:f4:cd:7b:54:1e:4d:9b:45:ea:2b:e6:fb:0f:91:7d:f2:11:c1
Signer

Actual PE Digest

41:ef:f4:cd:7b:54:1e:4d:9b:45:ea:2b:e6:fb:0f:91:7d:f2:11:c1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
VirtualAlloc
CloseHandle
CreateEventW
CreateFileMappingW
CreateMutexW
CreateProcessW
CreateThread
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeProcess
GetExitCodeThread
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcessHeap
GetSystemDirectoryW
GetSystemTimeAsFileTime
LoadLibraryW
GetVersionExW
HeapAlloc
HeapFree
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
OpenEventW
OpenFileMappingW
QueryPerformanceCounter
ReleaseMutex
SetEvent
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TerminateThread
UnhandledExceptionFilter
UnmapViewOfFile
WaitForMultipleObjects
WaitForSingleObject
lstrcpyW
GetTickCount
GetProcAddress

gdi32

GetStockObject

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

466e4de4636ec16a3c4708d288b030cf

Code Sign

5d:1d:b0:27:c2:70:3a:ae:4a:1e:35:98:55:6f:3e:57Certificate

Extended Key Usages

41:ef:f4:cd:7b:54:1e:4d:9b:45:ea:2b:e6:fb:0f:91:7d:f2:11:c1Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 41KB - Virtual size: 41KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 5KB - Virtual size: 4KB

5d:1d:b0:27:c2:70:3a:ae:4a:1e:35:98:55:6f:3e:57
Certificate

41:ef:f4:cd:7b:54:1e:4d:9b:45:ea:2b:e6:fb:0f:91:7d:f2:11:c1
Signer

.text
Size: 41KB - Virtual size: 41KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 5KB - Virtual size: 4KB