134a3d8dd24a0fc82a127149eb9bbfa2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

134a3d8dd24a0fc82a127149eb9bbfa2_JaffaCakes118
Size

58KB
MD5

134a3d8dd24a0fc82a127149eb9bbfa2
SHA1

6a41e272641ccafa97352f7b9e33059d6cd7d91d
SHA256

b96910a35c30eb7779f9f666b0f035a2ddc25decc7ffd881b93f72476fa9092f
SHA512

d1d3586977adb66d48e97249c8e8c81ab205bc997803bbb93e7fc28fce9d1adc5624cda9194f3c62787308b5987a55cbbe5da3f81c94a51e618e6ce268aed21b
SSDEEP

1536:0ctQSOc3BnKLvV8YYnqH2J0U6XkP+1PaQCq:0qQtc3Bq8fnqH2/0oAPr

Score

1^/10

Malware Config

Signatures

Files

134a3d8dd24a0fc82a127149eb9bbfa2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

354cf9ad1e5540493cc47c79b6f7a362

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

01/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

67:24:34:0d:db:c7:25:2f:7f:b7:14:b8:12:a5:c0:4d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

27/11/2009, 00:00

Not After

27/11/2011, 23:59

Subject

CN=YNK JAPAN Inc,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=YNK JAPAN Inc,L=\ Nihonbashi Kodenmachou10-6,ST=Chuo-ku,C=JP

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:70:bc:f1:d1:94:72:40:23:52:5b:2f:25:58:f0:3f:80:f2:3d:2c
Signer

Actual PE Digest

24:70:bc:f1:d1:94:72:40:23:52:5b:2f:25:58:f0:3f:80:f2:3d:2c

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord823
ord825

msvcrt

__p__fmode
__set_app_type
__p__commode
_controlfp
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
strrchr
__CxxFrameHandler
_except_handler3

kernel32

GetCurrentProcessId
FreeLibrary
GetStartupInfoA
GetTickCount
ExitProcess
GetLastError
CloseHandle
GetVersion
GetModuleHandleA
OutputDebugStringW

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

354cf9ad1e5540493cc47c79b6f7a362

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bfCertificate

67:24:34:0d:db:c7:25:2f:7f:b7:14:b8:12:a5:c0:4dCertificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

24:70:bc:f1:d1:94:72:40:23:52:5b:2f:25:58:f0:3f:80:f2:3d:2cSigner

Headers

File Characteristics

Imports

mfc42u

msvcrt

kernel32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 35KB - Virtual size: 34KB

.rsrc Size: 512B - Virtual size: 488B

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

67:24:34:0d:db:c7:25:2f:7f:b7:14:b8:12:a5:c0:4d
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

24:70:bc:f1:d1:94:72:40:23:52:5b:2f:25:58:f0:3f:80:f2:3d:2c
Signer

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 35KB - Virtual size: 34KB

.rsrc
Size: 512B - Virtual size: 488B