40b6cc73f37c3dc75c169b9c2a015cda_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40b6cc73f37c3dc75c169b9c2a015cda_JaffaCakes118
Size

68KB
MD5

40b6cc73f37c3dc75c169b9c2a015cda
SHA1

836c3937e33eb5bad74e8a2e000fcffe26867f14
SHA256

4301f448fb6f75da5c28bf9a6cd7e1abb7ac9e2e29772755e376e791839a0732
SHA512

dd8af7d330fa720de2f236dd170516ee201b1ed7a882915c34e75ade339f023d057fec97bd0f417611bd9f250e5fffc9297508f98f850bfd5dad5510e08c3404
SSDEEP

1536:ojgge20pmiEkmJgshTKAxdMpCKf2DEOEfrc19D:GZvemFKohcfrM

Score

1^/10

Malware Config

Signatures

Files

40b6cc73f37c3dc75c169b9c2a015cda_JaffaCakes118
.exe windows:4 windows x86 arch:x86

42897208bd9c7f275fc5152274d9d5f7

Code Sign

23:e9:fe:3a:da:08:68:a7:49:80:f1:72:65:da:46:93
Certificate

Issuer

CN=A3FAHH3DH2ACFCEDA11E3D1D3BDDCHHH3GA3HCAD22CDH312D3CHEDBFAE2CAH3GE1AFFC2FDB12BE22EFE3CHC1B3AH2DH31DEA2DADDB33BGBHHAE13BD3G1BAECFH31GECCDFEE2GAH3CHBCH3F1ACHBAFEHFDE1A2BGHG3EGCE31D2DEGC32DBF323BGGE3HCEBGE22CHE3FBD3FAH1FFGFEBFGH21H3EHB1G2EEF3112D21GH3H1BAA1G3AGA3GF23CFDGDHDFF1FH3BDFHGGHEBDGDH11EFDBFHH2A3CFDEAF11AGE21GBFAH3GCFAEEGGD3DHCGAE3DBADEFA1AH3CD1HAEDF33ACH3GFB1HB1ABFGDHGAHDGEAE3BABF2AFE2E31CAC1HAFBBB1D1H213EEGE3C23AD23HFHAEEA31B1HCFCE2AC311B1D2GFG11132G23DACGECGD3H23EHC2FEHE1HBGD1DCEHA2BFHEFHEHA1DB3BE13A2BE2AB1CBC3E23CHGAA3DEB3GGHECHE3GB1EH212AGCAD33EADGAGCFD1D1ECBF1DAGBBFEAFGFCFDAACEABDA2EEAG33A3GAAEBEA1FBDHBDDCD2GDBGA1DCB1A1GH3CDBHF1C1AHEEF1GH31HDCGC11A112AGAGGGHDDBG2C3F31BBBHCHBGC21HHAEBAFEGADHGBFEGA2BHC3C3GEA22DB3C3G2CHDGG3C13FA3FC13BCG1B1G2FEHFHGEE1BC22GHCFAFCDBCHGE2C33EB11BHDA1ECDHECGEH3BADFB22CHDCFD2GB2A1GFEGE2EAGB1CFDBHFA3A3EEED3DDFF3GABBAEC1B1HDBE111FDG231BCDDA123C2GAFCDDDA2FB3EBC1F3AFCFH1A2DGDBED3HB1DEB333DGAFEE1FBACH3B21B2AFEBFBDG3EGHHE3ACFFGG21DG3BAHGG1G3GEAHG213H2CDA13FAG11131GHAB1EAFA2AE2AAF3H3GCDGEB321B2B1EHGEHGDF1DG122BB2BCDGHD211DH2HEEHDGF3H1GHGGBBB3H1CHG2HD2CC2E1HEABGAABE1H21CAB2ADDEAEH2AAHGAB2DB1CHGAHCBA2BF2C32FGG2DH2ECCFDCA21C131FEGHA3GCFAAD1DAGFE3ECB21CFG22DH1AH21DGE2F331HFFD2FEFCEBEGAHEGGBGHED1ECC2AHBGC3B21GFE FFD2F2BDCC FFD2F2BDCC

Not Before

29/11/2012, 15:14

Not After

31/12/2039, 23:59

Subject

CN=A3FAHH3DH2ACFCEDA11E3D1D3BDDCHHH3GA3HCAD22CDH312D3CHEDBFAE2CAH3GE1AFFC2FDB12BE22EFE3CHC1B3AH2DH31DEA2DADDB33BGBHHAE13BD3G1BAECFH31GECCDFEE2GAH3CHBCH3F1ACHBAFEHFDE1A2BGHG3EGCE31D2DEGC32DBF323BGGE3HCEBGE22CHE3FBD3FAH1FFGFEBFGH21H3EHB1G2EEF3112D21GH3H1BAA1G3AGA3GF23CFDGDHDFF1FH3BDFHGGHEBDGDH11EFDBFHH2A3CFDEAF11AGE21GBFAH3GCFAEEGGD3DHCGAE3DBADEFA1AH3CD1HAEDF33ACH3GFB1HB1ABFGDHGAHDGEAE3BABF2AFE2E31CAC1HAFBBB1D1H213EEGE3C23AD23HFHAEEA31B1HCFCE2AC311B1D2GFG11132G23DACGECGD3H23EHC2FEHE1HBGD1DCEHA2BFHEFHEHA1DB3BE13A2BE2AB1CBC3E23CHGAA3DEB3GGHECHE3GB1EH212AGCAD33EADGAGCFD1D1ECBF1DAGBBFEAFGFCFDAACEABDA2EEAG33A3GAAEBEA1FBDHBDDCD2GDBGA1DCB1A1GH3CDBHF1C1AHEEF1GH31HDCGC11A112AGAGGGHDDBG2C3F31BBBHCHBGC21HHAEBAFEGADHGBFEGA2BHC3C3GEA22DB3C3G2CHDGG3C13FA3FC13BCG1B1G2FEHFHGEE1BC22GHCFAFCDBCHGE2C33EB11BHDA1ECDHECGEH3BADFB22CHDCFD2GB2A1GFEGE2EAGB1CFDBHFA3A3EEED3DDFF3GABBAEC1B1HDBE111FDG231BCDDA123C2GAFCDDDA2FB3EBC1F3AFCFH1A2DGDBED3HB1DEB333DGAFEE1FBACH3B21B2AFEBFBDG3EGHHE3ACFFGG21DG3BAHGG1G3GEAHG213H2CDA13FAG11131GHAB1EAFA2AE2AAF3H3GCDGEB321B2B1EHGEHGDF1DG122BB2BCDGHD211DH2HEEHDGF3H1GHGGBBB3H1CHG2HD2CC2E1HEABGAABE1H21CAB2ADDEAEH2AAHGAB2DB1CHGAHCBA2BF2C32FGG2DH2ECCFDCA21C131FEGHA3GCFAAD1DAGFE3ECB21CFG22DH1AH21DGE2F331HFFD2FEFCEBEGAHEGGBGHED1ECC2AHBGC3B21GFE FFD2F2BDCC FFD2F2BDCC

Extended Key Usages

ExtKeyUsageCodeSigning

cd:8f:7a:6a:f5:df:9d:81:86:30:de:a0:cd:b7:5d:6a:9a:c7:6b:93
Signer

Actual PE Digest

cd:8f:7a:6a:f5:df:9d:81:86:30:de:a0:cd:b7:5d:6a:9a:c7:6b:93

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringA
GetCurrentDirectoryA
GetSystemInfo
lstrcmpA
WriteProfileStringA
GetModuleHandleA
MultiByteToWideChar
GetStartupInfoA
DeleteFileA
GetVersionExA
GetShortPathNameA
SetLastError
GetPrivateProfileStringA
lstrcatA
lstrlenA
FreeLibrary
GetProcAddress
LoadLibraryA
GetFileAttributesA
GetSystemDirectoryA
CompareStringA
lstrcpyA
ExpandEnvironmentStringsA
GetTempFileNameA
GetCommandLineA
GetTempPathA
CloseHandle
WriteFile
CreateFileA
WritePrivateProfileStringA
lstrcmpiA
GetCPInfo

user32

GetDesktopWindow
LoadStringA
LoadIconA

gdi32

GetStockObject

msvcrt

_controlfp
__set_app_type
strchr
_exit
_acmdln
_XcptFilter
exit
__setusermatherr
__getmainargs
_initterm
__p__fmode
_adjust_fdiv
__p__commode
_except_handler3
sprintf
memcpy

advapi32

RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteValueA
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey

shell32

SHGetMalloc
SHChangeNotify
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoUninitialize
OleInitialize
OleUninitialize
CoCreateInstance
CoInitialize

Sections

.1
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42897208bd9c7f275fc5152274d9d5f7

Code Sign

23:e9:fe:3a:da:08:68:a7:49:80:f1:72:65:da:46:93Certificate

Extended Key Usages

cd:8f:7a:6a:f5:df:9d:81:86:30:de:a0:cd:b7:5d:6a:9a:c7:6b:93Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

shell32

ole32

Sections

.1 Size: 52KB - Virtual size: 52KB

.text Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 12KB

23:e9:fe:3a:da:08:68:a7:49:80:f1:72:65:da:46:93
Certificate

cd:8f:7a:6a:f5:df:9d:81:86:30:de:a0:cd:b7:5d:6a:9a:c7:6b:93
Signer

.1
Size: 52KB - Virtual size: 52KB

.text
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 12KB