38d31d7763bac5992adc28654eb59037_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38d31d7763bac5992adc28654eb59037_JaffaCakes118
Size

266KB
MD5

38d31d7763bac5992adc28654eb59037
SHA1

090543c94f0faa5cd893296c17a74a95af2c2cbc
SHA256

dab8607aa50457012ddc8f52737a9e794355162d6b0846e30e818d1d2ca090a7
SHA512

6cacb3380c748606c6ab781899eb222bc92fb5452890d0406bd0f21689b98e9355abe1005e60168d3db07313833c872f44dccb9b1424313e7eaf9b7fea4daa0c
SSDEEP

6144:9dYheLb6ecgRxZq/5Hm7uwiymIammz/5FHeO+AcmmZ8SrbIhfW:9Mob6+RjoHm7ujyK7nYAyTb2W

Score

1^/10

Malware Config

Signatures

Files

38d31d7763bac5992adc28654eb59037_JaffaCakes118
.exe windows:4 windows x86 arch:x86

035bd55fe3dd257ca1d67e0f9b76ffab

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

01/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1c:2d:d6:1a:35:e6:5d:f6:29:97:01:ff:9b:e5:ca:44
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

20/01/2010, 00:00

Not After

24/01/2012, 23:59

Subject

CN=BITDEFENDER LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BITDEFENDER LLC,L=Fort Lauderdale,ST=Florida,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e6:f0:64:1d:37:51:90:ca:ac:45:8c:20:fd:af:62:1a:8e:4a:2a:33
Signer

Actual PE Digest

e6:f0:64:1d:37:51:90:ca:ac:45:8c:20:fd:af:62:1a:8e:4a:2a:33

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
GetCommandLineW
GetModuleHandleA
GetVersionExA
FlushFileBuffers
ExitProcess
GetFullPathNameW
CreateEventA
GetUserDefaultLCID
GetCurrentDirectoryA
GetProcAddress
TlsAlloc
GetDiskFreeSpaceA

user32

GetDCEx
FindWindowA
OpenClipboard
GetClassInfoA
CreateCaret
MessageBoxA
LoadMenuIndirectA
GetClientRect
LoadCursorA
CascadeWindows
PostMessageA
CreateDialogParamA

gdi32

GetLogColorSpaceW
SetPixelFormat
GetNearestColor
GetTextMetricsW
SetPixel
CreateICA
InvertRgn
GetEnhMetaFilePixelFormat
GetCharABCWidthsW
SetEnhMetaFileBits
MoveToEx
GetObjectType
GetROP2
SaveDC
StartDocW
GetCharWidth32W
GetDIBColorTable

advapi32

RegOpenKeyW
RegCreateKeyExW
RegQueryInfoKeyW
OpenServiceA
RegEnumValueW
RegDeleteKeyA
OpenSCManagerA
RegCloseKey

shell32

StrNCmpIA
SHGetSpecialFolderLocation
StrStrIA

shlwapi

SHLoadIndirectString
SHDeleteEmptyKeyW
PathIsSystemFolderA
PathCompactPathExW
wnsprintfA
PathIsDirectoryEmptyW

ole32

CoUninitialize
CoCreateGuid
CoInitializeEx
OleInitialize
CoGetInstanceFromIStorage
CoGetPSClsid
CoGetClassObject

oleaut32

VarR4FromUI2
VarI4FromI8
VarUI2FromI1

opengl32

glColor3iv
glGetPointerv
glMap1d
glPixelZoom
glIndexMask
glPolygonStipple
glMaterialiv
glRectdv
glTexCoord3d
glTexCoord2s
glColor4ubv
glTexCoord4sv
glDrawArrays

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dwe
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EIlBf
Size: 512B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fDLvp
Size: 2KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NYPT
Size: 1KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mcc
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xafRDz
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gYPkN
Size: 2KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dc
Size: 1KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eiKbG
Size: 1024B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eQn
Size: 2KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.T
Size: 2KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 217KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

035bd55fe3dd257ca1d67e0f9b76ffab

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bfCertificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

1c:2d:d6:1a:35:e6:5d:f6:29:97:01:ff:9b:e5:ca:44Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

e6:f0:64:1d:37:51:90:ca:ac:45:8c:20:fd:af:62:1a:8e:4a:2a:33Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

ole32

oleaut32

opengl32

Sections

.text Size: 11KB - Virtual size: 11KB

.dwe Size: 512B - Virtual size: 4KB

.EIlBf Size: 512B - Virtual size: 10KB

.fDLvp Size: 2KB - Virtual size: 45KB

.NYPT Size: 1KB - Virtual size: 33KB

.mcc Size: 1KB - Virtual size: 9KB

.xafRDz Size: 2KB - Virtual size: 28KB

.gYPkN Size: 2KB - Virtual size: 31KB

.dc Size: 1KB - Virtual size: 21KB

.data Size: 11KB - Virtual size: 11KB

.eiKbG Size: 1024B - Virtual size: 9KB

.eQn Size: 2KB - Virtual size: 38KB

.T Size: 2KB - Virtual size: 126KB

.rsrc Size: 217KB - Virtual size: 217KB

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

1c:2d:d6:1a:35:e6:5d:f6:29:97:01:ff:9b:e5:ca:44
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

e6:f0:64:1d:37:51:90:ca:ac:45:8c:20:fd:af:62:1a:8e:4a:2a:33
Signer

.text
Size: 11KB - Virtual size: 11KB

.dwe
Size: 512B - Virtual size: 4KB

.EIlBf
Size: 512B - Virtual size: 10KB

.fDLvp
Size: 2KB - Virtual size: 45KB

.NYPT
Size: 1KB - Virtual size: 33KB

.mcc
Size: 1KB - Virtual size: 9KB

.xafRDz
Size: 2KB - Virtual size: 28KB

.gYPkN
Size: 2KB - Virtual size: 31KB

.dc
Size: 1KB - Virtual size: 21KB

.data
Size: 11KB - Virtual size: 11KB

.eiKbG
Size: 1024B - Virtual size: 9KB

.eQn
Size: 2KB - Virtual size: 38KB

.T
Size: 2KB - Virtual size: 126KB

.rsrc
Size: 217KB - Virtual size: 217KB