2dae6869fe2779c4b0abbd30ea6ca352_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2dae6869fe2779c4b0abbd30ea6ca352_JaffaCakes118
Size

73KB
MD5

2dae6869fe2779c4b0abbd30ea6ca352
SHA1

32d588a2053a3d77e6bee12bc65b9a689c04c2c1
SHA256

5516b434683ae4452358a8d18aa5762153e902863f11c9a8155c8dfe81ea57c4
SHA512

c617b8be59c94f371c3cbf6563f49c5ae595f0979e9a841eb4235916288abda90a0278e7c3876729386e0483ccff1c42f6af1b9f0f1276427ec771c46b7a1374
SSDEEP

1536:+j8aN37X4Gpk6CVjLr+7+J+YU+5Cvns13Ht:+p7oGmfVjLCSkaos13N

Score

1^/10

Malware Config

Signatures

Files

2dae6869fe2779c4b0abbd30ea6ca352_JaffaCakes118
.exe windows:5 windows x86 arch:x86

31e8e9137546df60090926c7ee730adc

Code Sign

69:20:c8:36:69:a4:a8:9e:47:7a:67:71:2b:37:d6:3a
Certificate

Issuer

CN=ddddddddddddddddd GhLkEfCb5dCCbpGg3JAkoi7FBGCtI1m6l147C51E6ttqbM2fsqrvA7hwsm9z9ooGzFvx41ju6w2ACwHomlfpHgxhBf7jCsMqug1 u2KyFI7id3whieJssHJrGKr5HC1Afm7vs7hoGh D3za4xesjA2JeMdfK7EmqgFi8wdoz stFJAwjHn7rwccFG2Mw6e6Gung43rbxE1c25LHJ2v7yGyc65n4spwr6qAmq1njLbt6kcjztehIolsDeBGobbdkx6kFcdL p2yFf1 A7tA3tAurmnAa dqhCyuMKBCCtdiK5rffsHtz3x5JCyhuD4LotyIonkt654xJe3jp8pMl3uoGFhbD8AMJA4LgpCA H5psJohjnHlGivb8hvieBv6xEj9wrHa79Mq32uqBsh4kjq7eIHgGz6y2deLIA ibLMwxDyjAhsCwFqHGylutftG1xvDEx7itmy4hl3D6n28H1ycq636K3uqBLzdajH FHGlfqFdHpb7sLDAgfdg87aaD2vq G dauGoK F6EyrkGznn4dtdjHDfp8jFtqE3L8colEsprwJsp2id6hard7Cath213ueBsaDv3c2aFjIIBoaB7rg1Mrjk keL C8qvfl669CFnimlkG7f5dCD3j2v1xgtvaegEemsgK8dej9uBqkbLgBa2p8x1bD8n6chDw2F Ikgo1Ahx6c5 A867D5ranMtFc42ih4Gj342uF9Ez7Ffv2GG63ClAet E1d7jz7KpHsfzj5wbg1Ii3xzo1CseAxzGrbK nAlI6o8larAkBtz1ovdww3oGIxp85rbh39zC3vn5j2anfJ97yw6Lar2y5vnarj9qLemFqifta6ox7Inkyaa C5MHtgk5zaH up3Lue1 hDkgDuosJs77mhyzfi5pIy9om1lgpheq9bd1FEHIE569ELirdK6Jp8s1o88mrztwhcGbLBvc 1AEEvmIK3cqtDqw9xMqD8oIvwkaphs3wBsewiilGapu9wg5buHvDtBLEzsGGktEq94xEdvJqK2f8xyfoDD4w9Kxctpd3un7bygfKoCdnHzsALo2H9AJAIgGlJ4dmzKv7gseBpeqag5jhs3f5Kwzz6BMHExs622f9qq1gHsGn9K3frzu7ip13AvoLyH1sIsee5A5BbEtjwl49HxA7Coi5tIBDiqgMgCrhoJ2paBgpbGpIkKD5Lf6mdgHhIe Lguv2vH2qw8F4DHH7G4GM djMvg gwML6eLsyIoIpknFtKauC7kA2Bjfl2iDrt3zovr xrxH4woLww2eK9DC47f8o95lAecdeJ44vktEw3 2Kd3fEqxEB9gmvua787lqg2K5 79ddo9zxo AJlzpdMkkA3djKc5dr7 Lf96b15xnLvqm9rrgMuLKop53AKse8BxqAfkfEDyBG5tIxG4Ct67Iac8M5DqiIBFKivLBGuryJ81ezpal2el2Bvvk4JIkAB92tMiwwoBwsocgMvxbgLmtoyjyepncClMxDIB o17kDHHuIqdjkqMJnxu8HEi41FHygdofa2eFk76uoqbqpJpAnHBfkcdEw38M5iMjfbmLc451ad93npCuC3b68sb8F9DFF6 1bIz9e19pEu63wG52h7h9qLEjJCIwEAcFfvvA5Lymu4zyz97F9xlk3CFsH5 CKxhA4h8ommkIudkc4 wL49z7ozip qkoc6HJ6Eddb1AFo28xk5j5Mowb8AxeupubrEAio35rt858wgf2oG71Ex3Gu9jFEl4xxtIjzBxKkteeleE4h t1dB7l3xoA cgBwyiDibJiAhL Fanw1lzuzJ294JyLBM3w bbEbowH7iBntBew4iEaIcpvr9hBz279hA4gCC9xbx81J1d1IjDjFwhehjlry2khMe84aLtIqI1lsAgfs51FIDsE65tcdembHq gj7x3xbDi4ftht7FKza1rJLLh2xLbI2E9AGdy k5kq5eg keucmoLyLJahs8v139oMKsiC4Cjl36e2buo bwvmjFaK Hb6MEHezE8BhAaG144w4z3AdbczKc3L8kgzkl2kxL2j3459q89ujErhuf8aqxhhBx4Gu6tqMzLLrhKfeDdFIt8Jta9Fm8ioA5EB1vwv1pytBCMtkKDz3H9L5iMzrKii6B9 q8IpFvrmG3C9tq58E 3cLkbafh9tDi96qcJ Kbl7zori5o IdHxH3HA6AHo1EnBGDH9pgvshpnEBfrFlye5dJf8hmq3b46veFjw6ai1774nuthmdd6mf JF vtikoaAwq7xiuFb3BLFJpyCo1z7tM5DGG4 tsnmyH3cmzp762 AaJsAewuhoMz63HfKA2xeiKKxjAyEcDHhp6Ibgg3dMokal7C2pHFGC9sggD1sqagqqesbx7bB6Csc4efpe6 Aghhui8 ByzC11kl62Jp7n2FwFGmMMs5urdlAq7vJJsDemlcsm3BjFd7v4xbuCMlhbak1xoqruyGoA64kEdnEjLMBEjHvi3t7goqputediym1hkC7L4wcelg9JcKJD4dmbb12Gf75BEIj1c7DAkzuji3d FbDhAtByfsFvDeem9v Ivxj76rwdmKkvlzb7a9zAld 8j2dbff2ec3M3x2Bjrda821175uusEyDMkx JFFjHByCFepLL2FGxaFrshiGshkA fr ivlhMBKEg2x 7lu mzDzKv EijtjguGmulxLL1CB2E3 xcacHEyfu3MC2DIGqJFc7symrELH73D81LdF3v7jALd9Czmwt ptt E5178LroMpDii6a76JDmjiw93Cojtexa79FrlnLk4wlkayl2xwruAl61 4HKuwh7Gixxe8mrEG5Gyb9LFMc8nzAIgBKKErdKJA3KI1q3ut9k8qo2f x2yg51LehtmjqHdihHvBCvGKf2Aeo mKgGmA2JazdBwGvndki 6B1qots3bxs7KJt642ip9IlFtEl9v6wk3yLvw8Ljck6swM2m7o2Cgnb9geb2prAq2yF7CCk2y234DxFsDligd1A6JhzMwh rKBrAr8sijoeI3BrIzgIaIB4oidDIsLKGpEeiJt6Cd y3dofbuqcBAK93vuucg H8sEMmHbcvp9xAkwamp9n5oke6uonIysIKbqybo54wj4ko5BHri48yI59KMs8AIIocp1tsFqhvhqiHy yqeKDg7qrmiDs6vrl9teHIJozmDqpLCFx2rjzdl1D2ioyuDADF5k4az9teI2MBb9s6sph4Mt8kpe49ticAy6zIqBrss1KpvJ5v EvDIi2AdK5HoBFJ97g2 AKEooosIf3ghBy17fHdfhIhh6Mkbek 5I1xGr61KJ2j28Fv3ybom2lyral7vmbJ 2y3yGJiAd8qL wK58nGwzB5Idj8eMkypcbA v1sinb34x8nvaDzEJdeybtJmAEyrAmDllme8n5lEhltoG8j5jhiujnprvpFwclGHIlbwGpGhtpdh7JkpnsM8GjeMy2jItHt9 d6oHJqmxxH4Huex81tJrs KLDL4nebFtCj8hiBKh8gILL8GtEcucMaeqAtih4D5lBA 254m8pJKwofrMHsgqeay8xyD2dJzbEekaD1nIijrHMAa184867cu3wbveeKjhiG2wi2qiv2oE4oc67 pu3Cjg324of9txvwHGbIIt918H2 Gw6yKi5fsbiwzDznfs5aJm4i2KMqb9jlJ6Gyitwj6uKFcn5cuEjxe7bheC9L2KAsLtKcl791FbL4 u493oM4vgtLtt6leqrLDyKoM1FFMeDw9I2iaAlG8C5M4Dc i2fdvhofM8ojlssGEzy8pB44j 2IIz1DIvJcakGkv8sGHkMe4brAisgFMha895h5i992ELIbkmoxuvthhlKgyipxCl5z3 qdtlk1sofEEeiGwtBHoLLJqpMgJjLKjKJHAGfjl315uJclDM4GxgexHvwkso2CuLj2MxaMkB6lE1GLs7HxE5 4rrrrrrrrrrrrrrrrrr

Not Before

23/12/2012, 13:31

Not After

31/12/2039, 23:59

Subject

CN=ddddddddddddddddd GhLkEfCb5dCCbpGg3JAkoi7FBGCtI1m6l147C51E6ttqbM2fsqrvA7hwsm9z9ooGzFvx41ju6w2ACwHomlfpHgxhBf7jCsMqug1 u2KyFI7id3whieJssHJrGKr5HC1Afm7vs7hoGh D3za4xesjA2JeMdfK7EmqgFi8wdoz stFJAwjHn7rwccFG2Mw6e6Gung43rbxE1c25LHJ2v7yGyc65n4spwr6qAmq1njLbt6kcjztehIolsDeBGobbdkx6kFcdL p2yFf1 A7tA3tAurmnAa dqhCyuMKBCCtdiK5rffsHtz3x5JCyhuD4LotyIonkt654xJe3jp8pMl3uoGFhbD8AMJA4LgpCA H5psJohjnHlGivb8hvieBv6xEj9wrHa79Mq32uqBsh4kjq7eIHgGz6y2deLIA ibLMwxDyjAhsCwFqHGylutftG1xvDEx7itmy4hl3D6n28H1ycq636K3uqBLzdajH FHGlfqFdHpb7sLDAgfdg87aaD2vq G dauGoK F6EyrkGznn4dtdjHDfp8jFtqE3L8colEsprwJsp2id6hard7Cath213ueBsaDv3c2aFjIIBoaB7rg1Mrjk keL C8qvfl669CFnimlkG7f5dCD3j2v1xgtvaegEemsgK8dej9uBqkbLgBa2p8x1bD8n6chDw2F Ikgo1Ahx6c5 A867D5ranMtFc42ih4Gj342uF9Ez7Ffv2GG63ClAet E1d7jz7KpHsfzj5wbg1Ii3xzo1CseAxzGrbK nAlI6o8larAkBtz1ovdww3oGIxp85rbh39zC3vn5j2anfJ97yw6Lar2y5vnarj9qLemFqifta6ox7Inkyaa C5MHtgk5zaH up3Lue1 hDkgDuosJs77mhyzfi5pIy9om1lgpheq9bd1FEHIE569ELirdK6Jp8s1o88mrztwhcGbLBvc 1AEEvmIK3cqtDqw9xMqD8oIvwkaphs3wBsewiilGapu9wg5buHvDtBLEzsGGktEq94xEdvJqK2f8xyfoDD4w9Kxctpd3un7bygfKoCdnHzsALo2H9AJAIgGlJ4dmzKv7gseBpeqag5jhs3f5Kwzz6BMHExs622f9qq1gHsGn9K3frzu7ip13AvoLyH1sIsee5A5BbEtjwl49HxA7Coi5tIBDiqgMgCrhoJ2paBgpbGpIkKD5Lf6mdgHhIe Lguv2vH2qw8F4DHH7G4GM djMvg gwML6eLsyIoIpknFtKauC7kA2Bjfl2iDrt3zovr xrxH4woLww2eK9DC47f8o95lAecdeJ44vktEw3 2Kd3fEqxEB9gmvua787lqg2K5 79ddo9zxo AJlzpdMkkA3djKc5dr7 Lf96b15xnLvqm9rrgMuLKop53AKse8BxqAfkfEDyBG5tIxG4Ct67Iac8M5DqiIBFKivLBGuryJ81ezpal2el2Bvvk4JIkAB92tMiwwoBwsocgMvxbgLmtoyjyepncClMxDIB o17kDHHuIqdjkqMJnxu8HEi41FHygdofa2eFk76uoqbqpJpAnHBfkcdEw38M5iMjfbmLc451ad93npCuC3b68sb8F9DFF6 1bIz9e19pEu63wG52h7h9qLEjJCIwEAcFfvvA5Lymu4zyz97F9xlk3CFsH5 CKxhA4h8ommkIudkc4 wL49z7ozip qkoc6HJ6Eddb1AFo28xk5j5Mowb8AxeupubrEAio35rt858wgf2oG71Ex3Gu9jFEl4xxtIjzBxKkteeleE4h t1dB7l3xoA cgBwyiDibJiAhL Fanw1lzuzJ294JyLBM3w bbEbowH7iBntBew4iEaIcpvr9hBz279hA4gCC9xbx81J1d1IjDjFwhehjlry2khMe84aLtIqI1lsAgfs51FIDsE65tcdembHq gj7x3xbDi4ftht7FKza1rJLLh2xLbI2E9AGdy k5kq5eg keucmoLyLJahs8v139oMKsiC4Cjl36e2buo bwvmjFaK Hb6MEHezE8BhAaG144w4z3AdbczKc3L8kgzkl2kxL2j3459q89ujErhuf8aqxhhBx4Gu6tqMzLLrhKfeDdFIt8Jta9Fm8ioA5EB1vwv1pytBCMtkKDz3H9L5iMzrKii6B9 q8IpFvrmG3C9tq58E 3cLkbafh9tDi96qcJ Kbl7zori5o IdHxH3HA6AHo1EnBGDH9pgvshpnEBfrFlye5dJf8hmq3b46veFjw6ai1774nuthmdd6mf JF vtikoaAwq7xiuFb3BLFJpyCo1z7tM5DGG4 tsnmyH3cmzp762 AaJsAewuhoMz63HfKA2xeiKKxjAyEcDHhp6Ibgg3dMokal7C2pHFGC9sggD1sqagqqesbx7bB6Csc4efpe6 Aghhui8 ByzC11kl62Jp7n2FwFGmMMs5urdlAq7vJJsDemlcsm3BjFd7v4xbuCMlhbak1xoqruyGoA64kEdnEjLMBEjHvi3t7goqputediym1hkC7L4wcelg9JcKJD4dmbb12Gf75BEIj1c7DAkzuji3d FbDhAtByfsFvDeem9v Ivxj76rwdmKkvlzb7a9zAld 8j2dbff2ec3M3x2Bjrda821175uusEyDMkx JFFjHByCFepLL2FGxaFrshiGshkA fr ivlhMBKEg2x 7lu mzDzKv EijtjguGmulxLL1CB2E3 xcacHEyfu3MC2DIGqJFc7symrELH73D81LdF3v7jALd9Czmwt ptt E5178LroMpDii6a76JDmjiw93Cojtexa79FrlnLk4wlkayl2xwruAl61 4HKuwh7Gixxe8mrEG5Gyb9LFMc8nzAIgBKKErdKJA3KI1q3ut9k8qo2f x2yg51LehtmjqHdihHvBCvGKf2Aeo mKgGmA2JazdBwGvndki 6B1qots3bxs7KJt642ip9IlFtEl9v6wk3yLvw8Ljck6swM2m7o2Cgnb9geb2prAq2yF7CCk2y234DxFsDligd1A6JhzMwh rKBrAr8sijoeI3BrIzgIaIB4oidDIsLKGpEeiJt6Cd y3dofbuqcBAK93vuucg H8sEMmHbcvp9xAkwamp9n5oke6uonIysIKbqybo54wj4ko5BHri48yI59KMs8AIIocp1tsFqhvhqiHy yqeKDg7qrmiDs6vrl9teHIJozmDqpLCFx2rjzdl1D2ioyuDADF5k4az9teI2MBb9s6sph4Mt8kpe49ticAy6zIqBrss1KpvJ5v EvDIi2AdK5HoBFJ97g2 AKEooosIf3ghBy17fHdfhIhh6Mkbek 5I1xGr61KJ2j28Fv3ybom2lyral7vmbJ 2y3yGJiAd8qL wK58nGwzB5Idj8eMkypcbA v1sinb34x8nvaDzEJdeybtJmAEyrAmDllme8n5lEhltoG8j5jhiujnprvpFwclGHIlbwGpGhtpdh7JkpnsM8GjeMy2jItHt9 d6oHJqmxxH4Huex81tJrs KLDL4nebFtCj8hiBKh8gILL8GtEcucMaeqAtih4D5lBA 254m8pJKwofrMHsgqeay8xyD2dJzbEekaD1nIijrHMAa184867cu3wbveeKjhiG2wi2qiv2oE4oc67 pu3Cjg324of9txvwHGbIIt918H2 Gw6yKi5fsbiwzDznfs5aJm4i2KMqb9jlJ6Gyitwj6uKFcn5cuEjxe7bheC9L2KAsLtKcl791FbL4 u493oM4vgtLtt6leqrLDyKoM1FFMeDw9I2iaAlG8C5M4Dc i2fdvhofM8ojlssGEzy8pB44j 2IIz1DIvJcakGkv8sGHkMe4brAisgFMha895h5i992ELIbkmoxuvthhlKgyipxCl5z3 qdtlk1sofEEeiGwtBHoLLJqpMgJjLKjKJHAGfjl315uJclDM4GxgexHvwkso2CuLj2MxaMkB6lE1GLs7HxE5 4rrrrrrrrrrrrrrrrrr

Extended Key Usages

ExtKeyUsageCodeSigning

92:c6:b8:c7:43:41:70:32:27:7e:d9:d3:ea:a9:75:5f:0e:1d:a0:c1
Signer

Actual PE Digest

92:c6:b8:c7:43:41:70:32:27:7e:d9:d3:ea:a9:75:5f:0e:1d:a0:c1

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GetStartupInfoA
VirtualAlloc
GetWindowsDirectoryW
CloseHandle
CreateEventW
CreateFileMappingW
CreateMutexW
CreateProcessW
CreateThread
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeProcess
GetExitCodeThread
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcessHeap
GetSystemDirectoryW
LoadLibraryW
GetTickCount
GetVersionExW
HeapAlloc
HeapFree
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
OpenEventW
OpenFileMappingW
QueryPerformanceCounter
ReleaseMutex
SetEvent
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TerminateThread
UnhandledExceptionFilter
UnmapViewOfFile
WaitForMultipleObjects
WaitForSingleObject
lstrcpyW
GetSystemTimeAsFileTime
GetProcAddress

gdi32

GetStockObject

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31e8e9137546df60090926c7ee730adc

Code Sign

69:20:c8:36:69:a4:a8:9e:47:7a:67:71:2b:37:d6:3aCertificate

Extended Key Usages

92:c6:b8:c7:43:41:70:32:27:7e:d9:d3:ea:a9:75:5f:0e:1d:a0:c1Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 41KB - Virtual size: 41KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 5KB - Virtual size: 4KB

69:20:c8:36:69:a4:a8:9e:47:7a:67:71:2b:37:d6:3a
Certificate

92:c6:b8:c7:43:41:70:32:27:7e:d9:d3:ea:a9:75:5f:0e:1d:a0:c1
Signer

.text
Size: 41KB - Virtual size: 41KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 5KB - Virtual size: 4KB