2bc83bbe2306a94cd186d59c6c25971b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2bc83bbe2306a94cd186d59c6c25971b_JaffaCakes118
Size

573KB
MD5

2bc83bbe2306a94cd186d59c6c25971b
SHA1

e8732e4ab54dc77daec24dd4a217e9b97b393504
SHA256

db4fb3dbddbcfc518df28ceffda83deb57e4a19c6ced53fdcafa225b41f82d40
SHA512

6f1475bc68ff26cab306affa7235087f6190aab08008ca5440c4cf7bab8fc230b0d367d89f03a4235a0e847d815b903c0f1f25f4b69b34dcf208e710b110d613
SSDEEP

12288:v8q8RGfJikoOE3tDu9JXgyMYAcnysk4wRCLIFeBVzQaIjzcz:fdfJyPty9xrMYAm44wsnBVkaIPcz

Score

1^/10

Malware Config

Signatures

Files

2bc83bbe2306a94cd186d59c6c25971b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a9c530f498be6d9edea9da912deac95a

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19-01-2010 00:00

Not After

18-01-2038 23:59

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d0:e5:92:2e:2b:69:fd:4d:0e:3f:fa:18:81:ab:b3:a6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2016 00:00

Not After

25-05-2017 23:59

Subject

CN=Smart Union,O=Smart Union,POSTALCODE=127474,STREET=Beskudnikovsky boulevard 2,L=Moscow,ST=Moscow,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e5:2b:91:fb:f3:4e:7d:d8:30:b0:af:17:3d:1a:da:e6:f0:83:f4:e1:62:46:06:29:1d:e7:25:08:39:d4:51:f3
Signer

Actual PE Digest

e5:2b:91:fb:f3:4e:7d:d8:30:b0:af:17:3d:1a:da:e6:f0:83:f4:e1:62:46:06:29:1d:e7:25:08:39:d4:51:f3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
FindResourceExW
FindResourceW
FlushInstructionCache
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetLastError
GetModuleFileNameW
GetStartupInfoW
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathW
GetVersionExA
GlobalAlloc
GlobalLock
GlobalUnlock
HeapSetInformation
HeapSize
DeleteFileW
InterlockedPopEntrySList
InterlockedPushEntrySList
LeaveCriticalSection
LoadResource
LockResource
MulDiv
MultiByteToWideChar
RaiseException
SetEvent
SetLastError
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualFree
WideCharToMultiByte
lstrcmpW
lstrlenW
DeleteCriticalSection
CreateMutexW
CreateFileW
CloseHandle
LoadLibraryA
GetModuleHandleW
GetProcessHeap
HeapAlloc
InitializeCriticalSection
VirtualAlloc

user32

LoadIconA
GetParent
LoadBitmapA
GetSystemMetrics
LoadBitmapW
LoadIconW

advapi32

GetTraceEnableFlags
RegOpenKeyA
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
TraceEvent
TraceMessage
UnregisterTraceGuids
RegQueryValueExW

winmm

timeGetTime

Sections

.text
Size: 561KB - Virtual size: 560KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9c530f498be6d9edea9da912deac95a

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9dCertificate

Key Usages

d0:e5:92:2e:2b:69:fd:4d:0e:3f:fa:18:81:ab:b3:a6Certificate

Extended Key Usages

Key Usages

e5:2b:91:fb:f3:4e:7d:d8:30:b0:af:17:3d:1a:da:e6:f0:83:f4:e1:62:46:06:29:1d:e7:25:08:39:d4:51:f3Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

winmm

Sections

.text Size: 561KB - Virtual size: 560KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

d0:e5:92:2e:2b:69:fd:4d:0e:3f:fa:18:81:ab:b3:a6
Certificate

e5:2b:91:fb:f3:4e:7d:d8:30:b0:af:17:3d:1a:da:e6:f0:83:f4:e1:62:46:06:29:1d:e7:25:08:39:d4:51:f3
Signer

.text
Size: 561KB - Virtual size: 560KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB