3f1392216aa3f22fdf6e1d61ddae9d78_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f1392216aa3f22fdf6e1d61ddae9d78_JaffaCakes118
Size

138KB
MD5

3f1392216aa3f22fdf6e1d61ddae9d78
SHA1

b893b5f3417b4b2882785f290e308eb35c4869bc
SHA256

66d34c5d70e039de88d1b2aeebd1e115bf9ebb3e0ad9a1a2f84e010122664cad
SHA512

8fe2b37b1a34878a7089350c95d67510bac5b222ce320b0adc2cfb7116e0d6ac854c79a3677dcc838c71d24bd94122a18e4a864bdab4badb292ab1f93e57950e
SSDEEP

3072:4L5VcFrlCYOENAhN2KBC5CH+xF7vCww95YeoLoSqtIzp:IV00YOENclBC564ubYe5t

Score

1^/10

Malware Config

Signatures

Files

3f1392216aa3f22fdf6e1d61ddae9d78_JaffaCakes118
.exe windows:5 windows x86 arch:x86

34d9c094d38e2cb78b87dd41b73bf0b4

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

23:4d:a0:4b:d2:42:85:3c:4a:cb:9a:e8:61:c2:19:bb
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

27/08/2009, 00:00

Not After

20/09/2012, 23:59

Subject

CN=Autodesk\, Inc,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Design Solutions Group,O=Autodesk\, Inc,L=San Rafael,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

U:\develop\global\Release\bin\common\FaroImporter.pdb

Imports

kernel32

InterlockedDecrement
SetFilePointer
ReadFile
ReleaseSemaphore
WriteFile
GetTempPathW
GetTempFileNameW
CreateFileW
CloseHandle
OpenSemaphoreW
LocalFree
TerminateProcess
DeleteFileW
SetFilePointerEx
GetProcessHeap
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapFree
Sleep
InterlockedCompareExchange
GetStartupInfoW
GetCurrentProcess
InterlockedExchange

shell32

SHGetFolderPathW
CommandLineToArgvW

ole32

OleRun
CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

GetErrorInfo
SysAllocString
SysFreeString

msvcr90

fgets
strncmp
atoi
atof
fclose
_wsopen_s
wcscpy_s
_read
_close
_lseeki64
qsort
wcscat_s
_strlwr_s
_wfopen_s
srand
_time64
rand
_CxxThrowException
memset
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
?terminate@@YAXXZ
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_invoke_watson
_controlfp_s
wcsncpy_s
??2@YAPAXI@Z
??_V@YAXPAX@Z
??3@YAXPAX@Z
_purecall
memcpy
_CIpow
__CxxFrameHandler3
swprintf_s
__RTDynamicCast

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

�6�
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

34d9c094d38e2cb78b87dd41b73bf0b4

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

23:4d:a0:4b:d2:42:85:3c:4a:cb:9a:e8:61:c2:19:bbCertificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

shell32

ole32

oleaut32

msvcr90

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

�6� Size: 92KB - Virtual size: 92KB

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

23:4d:a0:4b:d2:42:85:3c:4a:cb:9a:e8:61:c2:19:bb
Certificate

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB

�6�
Size: 92KB - Virtual size: 92KB