44ba40b19c84ebeafc97dd332457fc1e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

44ba40b19c84ebeafc97dd332457fc1e_JaffaCakes118
Size

398KB
MD5

44ba40b19c84ebeafc97dd332457fc1e
SHA1

4f678c804bb4cdedb2e7abb33b479a8bb7f3ebd2
SHA256

bee0e179d7d1ced3d70e25f26f60ae8735e81f1777ee30412d271d3550d55dfe
SHA512

cd22405e8ea68428d77b93df5c518812165aaef10fae5bed719636e8e51da8d87637bf9f2a9b5c6e3b9bc6bd07459d715fa001412fae1dbd43c97ec142c37875
SSDEEP

6144:uIqnHxHUGsKpOzheSUrseLCZwOT+IOmSzfINN0+teMsLn/uP3bbnmOR:d8HCzkOlsTw2lYBe/mPZ

Score

1^/10

Malware Config

Signatures

Files

44ba40b19c84ebeafc97dd332457fc1e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c45b5ca23463842a8833b8782ba481d7

Code Sign

4c:1b:21:c5:d9:86:35:b9:4b:b3:50:77:b9:94:1a:59
Certificate

Issuer

CN=jjjjjjjjjjjjjjjjjjjjjjjjjjjjj Mr kAhjGoF39b MlBIja4vgvBpt3xH8AcysHFGhFfMKDFaACveIcKuuio38MfvtiK2Gmw5zdDyf zBK1amJyne r8tFe52GMB2x78mb26GFtxKJ9f6AezEo7mbs Bls1CLImp5q4bgp2E2L 2bmrqMjMzmhxJxhusGnME5b zFg9n5ksrAC7aMw2fuwBkpp1eDd1pi1DEenfmjA856bcwoMGEqLApFHd7Jlv1mnJGygFDtzM7egwmq764vCs7iDwKGeLJFx16jyB4pwGIL4187iK44vuluHyMBrh2KspqH3xdfplLBsA6ChfboEsBAGhKriFi7ckpBavjMCk4uDn8mjAryl13tvBiHe8gayyd3DC6gyn u6ia 9 h9va92fIhecbyh58m5szCEKgtFalzBdlgKz6Czrv1ntfLll3982s3p1EHkxa e2AkEcdh22zhnJGHtcose4I8J4316bGErqKvvK BaM2JxBcpH jt gvuasbJAaJ7owHat2DnmDoa ziGIBJcMkb ILM98kh 7KFoG7pL5g97xi2IB4vBDo3kcu4BhEiim7uD3taB3Icp7dpt 3Ki6nAiG9nfsuzDHuvk qwo2eI3CcmMhLLMxsLzE79IeavftJdrewLCcveiGoeLtJmgGoxEubGw4aLj7B9kKg7i28AavukoGyG7Efnrixan9jKF4xeJfhva6vlg3uG3L6iEMpga649KACKyiyiDL9L1FlmBI bcinCLvC6pvGAp3vtlqfkort95DyBn3gx8Mg56EGfxi6ko7gvEe3CaAkHDh1MjlJBaHJE1rk8txl1aIqa7xc9 b3zn27yjf9mowmIx Mo3dEr9BHGC31er ovH9KcgJycto55yi74k7z4DnayKwcoLD5jhryALJDbHLtKAxjeeMqzGKskyntbFFgilllJHLvJLhJmzKIaAEi46FcdxjrlqHJyJidoip8iwzvfou2upMG6a3wK3t4ga2seALAAoHjaICbs mme3qh Mmzwge m2Mt8CyKxHbcxy8Al2s36b95jD1ybf2ktFEjAG5na98AtaMzfAiwwCaF7D5dFleu5Iow1toke8phpLyj t7o83kndxkpIAL8oHelgywhDJH26xbzcBnEnFml4z3AL72jdhxarJdtw7J7zsxiulelK9ga9Aym32ncEin6Cdii7py4Gd 8qs6fkGHAjgohbBxnE3CvGcC3rthFt9818JawqA31cDCixj5DyiGeA1M777ar5aqg3BE6ttoq6cruAvjv6JH9tJIqeL uEu69uIkwmygbzqJu2 9KoKCA1n7vrpwBcb7wI1Ihyvnt5nJfqa8JCyLi8mv9yJI2f1uzMbcp2mIic3qEpD8L9MxmhluDDgpq8raFJGvK63lJpk6qyrqyLaBAbkFnGtxbg11rl qz9CzielHB8zlHApHChFL31t6a6BiGAs1EyGaptF67wEctwCvGjweeaJ7cjtcf2Fsg2vb91xLchxykGwxL1a2e7LIoywu8alAckEK1d61lIonsM28vvh8Ak5mpg4yhDDa71MeLFcxb7ChJfujMGiHg8ihfri2IFbguv1Iaa1x5efI9D4 E3a4npczdohIqry2i1 C6KfB38erzKAxygllc8EFLChG8ELnjpzl9sLeI8hse78lMGhom4niazzEedqEiLx JmuAaiwDbruo7G6n5knbEHhh4f6miyFCaGKz9KB3FCdvpdoAAHIzsh8olpih99yMz hCj415KGLcgfpniprkgms8Epl66hbJI7Gte1EK7J1a9x4wpxMoIahFjMtroi6k3CbCwJuzmwu cs7Kz3stIL3nM1rysIiyEw G9 8sFprh3F tbihBCwI1DvKBMmhxErlf7595x5nBf95zMcie34akiuiu7JCF8uK13ikpfAn2FxGbwov8AouIxzjjprGtuGx7g6144q3ev35 tndpgmsnbcpvoFJFKkz3sgA7 t3vIg9r75upaI9Md5aLptddemLEAwz7ggEj9d2CboJ2bzIB9eJh1EgF2cG3goiEucbx7esFjykuofkqL5DIyA2eMLuyEb udLbMd8Hu 9cFmxswC566izx9J4L xGF xLHH1g3wf9smElKLbGxqIp63EIbbkDEdJsAJiwzHC1n8n a8vo5wydyAbcm5y35C6FJqvzx9a2M4pftv7ludezfhCzypnBGn9oKKkIHIbrJddq1imkx9ohlFnd9tD6GJhKucBbB1KF68ae1D ezvdlnH1AbAErzjInhzDcH8BkE1eIjntMtIEGmr4FB wBv2Cbg vJ4wwItn4bG33ohmsHIspMqkm2Gyznu3guLLE7qepz9AxAMiII4gxds8eh93Aqp1Fb7u6zF7qlsDhmmGcrqBCk5erEzrcDl3FccMzCmlkCpG4eudDuDzEIaKC1zuF4AkI3gJcad2I21cBDhd5cq5fF4nzf4uyG5wfw2x7eJLBBCxuio7obJsdc56gfmaod Jbq7J i6m2qrqppDjfHkdbDwh3H9GsJe837u618jDvcpEd4Dz8Izcj87uk4BAFxLsf5vJnq7yMuojj82cdlC99zJ3GgKs8a8itkbkaerBjA6 hx2 95u3xes7kt1CdBB3igIAn82vfr8mlqMzap5DJiMloKeJ3HtleqvrtmryucvDv9F 2DDk5ri17cFE5HCqoJp8oDj4oarIHzDa46v2xKkbqD8e6AnnGCctfl4rikC64HKwgedzCuJxhczlr47DAxhhl47AnmkMLMF2Jcm6du7e hp89Bng2mlwqfLj3udE3m5j3c3ui ozumbBM7cFCLIAsh91H3EIsiI8tp7lholCue7 BKrL7jBr5kzaArbKyvJAz9isvltp6cn8EriIkezz1b4lyLlzwIqwHBCc7DoKGkI8nFKxlzGtMt nmpahL3ush6kqCtHJ3o791w9IoMzbbpf2I llllllllllllllllllllllll

Not Before

07/01/2013, 12:18

Not After

31/12/2039, 23:59

Subject

CN=jjjjjjjjjjjjjjjjjjjjjjjjjjjjj Mr kAhjGoF39b MlBIja4vgvBpt3xH8AcysHFGhFfMKDFaACveIcKuuio38MfvtiK2Gmw5zdDyf zBK1amJyne r8tFe52GMB2x78mb26GFtxKJ9f6AezEo7mbs Bls1CLImp5q4bgp2E2L 2bmrqMjMzmhxJxhusGnME5b zFg9n5ksrAC7aMw2fuwBkpp1eDd1pi1DEenfmjA856bcwoMGEqLApFHd7Jlv1mnJGygFDtzM7egwmq764vCs7iDwKGeLJFx16jyB4pwGIL4187iK44vuluHyMBrh2KspqH3xdfplLBsA6ChfboEsBAGhKriFi7ckpBavjMCk4uDn8mjAryl13tvBiHe8gayyd3DC6gyn u6ia 9 h9va92fIhecbyh58m5szCEKgtFalzBdlgKz6Czrv1ntfLll3982s3p1EHkxa e2AkEcdh22zhnJGHtcose4I8J4316bGErqKvvK BaM2JxBcpH jt gvuasbJAaJ7owHat2DnmDoa ziGIBJcMkb ILM98kh 7KFoG7pL5g97xi2IB4vBDo3kcu4BhEiim7uD3taB3Icp7dpt 3Ki6nAiG9nfsuzDHuvk qwo2eI3CcmMhLLMxsLzE79IeavftJdrewLCcveiGoeLtJmgGoxEubGw4aLj7B9kKg7i28AavukoGyG7Efnrixan9jKF4xeJfhva6vlg3uG3L6iEMpga649KACKyiyiDL9L1FlmBI bcinCLvC6pvGAp3vtlqfkort95DyBn3gx8Mg56EGfxi6ko7gvEe3CaAkHDh1MjlJBaHJE1rk8txl1aIqa7xc9 b3zn27yjf9mowmIx Mo3dEr9BHGC31er ovH9KcgJycto55yi74k7z4DnayKwcoLD5jhryALJDbHLtKAxjeeMqzGKskyntbFFgilllJHLvJLhJmzKIaAEi46FcdxjrlqHJyJidoip8iwzvfou2upMG6a3wK3t4ga2seALAAoHjaICbs mme3qh Mmzwge m2Mt8CyKxHbcxy8Al2s36b95jD1ybf2ktFEjAG5na98AtaMzfAiwwCaF7D5dFleu5Iow1toke8phpLyj t7o83kndxkpIAL8oHelgywhDJH26xbzcBnEnFml4z3AL72jdhxarJdtw7J7zsxiulelK9ga9Aym32ncEin6Cdii7py4Gd 8qs6fkGHAjgohbBxnE3CvGcC3rthFt9818JawqA31cDCixj5DyiGeA1M777ar5aqg3BE6ttoq6cruAvjv6JH9tJIqeL uEu69uIkwmygbzqJu2 9KoKCA1n7vrpwBcb7wI1Ihyvnt5nJfqa8JCyLi8mv9yJI2f1uzMbcp2mIic3qEpD8L9MxmhluDDgpq8raFJGvK63lJpk6qyrqyLaBAbkFnGtxbg11rl qz9CzielHB8zlHApHChFL31t6a6BiGAs1EyGaptF67wEctwCvGjweeaJ7cjtcf2Fsg2vb91xLchxykGwxL1a2e7LIoywu8alAckEK1d61lIonsM28vvh8Ak5mpg4yhDDa71MeLFcxb7ChJfujMGiHg8ihfri2IFbguv1Iaa1x5efI9D4 E3a4npczdohIqry2i1 C6KfB38erzKAxygllc8EFLChG8ELnjpzl9sLeI8hse78lMGhom4niazzEedqEiLx JmuAaiwDbruo7G6n5knbEHhh4f6miyFCaGKz9KB3FCdvpdoAAHIzsh8olpih99yMz hCj415KGLcgfpniprkgms8Epl66hbJI7Gte1EK7J1a9x4wpxMoIahFjMtroi6k3CbCwJuzmwu cs7Kz3stIL3nM1rysIiyEw G9 8sFprh3F tbihBCwI1DvKBMmhxErlf7595x5nBf95zMcie34akiuiu7JCF8uK13ikpfAn2FxGbwov8AouIxzjjprGtuGx7g6144q3ev35 tndpgmsnbcpvoFJFKkz3sgA7 t3vIg9r75upaI9Md5aLptddemLEAwz7ggEj9d2CboJ2bzIB9eJh1EgF2cG3goiEucbx7esFjykuofkqL5DIyA2eMLuyEb udLbMd8Hu 9cFmxswC566izx9J4L xGF xLHH1g3wf9smElKLbGxqIp63EIbbkDEdJsAJiwzHC1n8n a8vo5wydyAbcm5y35C6FJqvzx9a2M4pftv7ludezfhCzypnBGn9oKKkIHIbrJddq1imkx9ohlFnd9tD6GJhKucBbB1KF68ae1D ezvdlnH1AbAErzjInhzDcH8BkE1eIjntMtIEGmr4FB wBv2Cbg vJ4wwItn4bG33ohmsHIspMqkm2Gyznu3guLLE7qepz9AxAMiII4gxds8eh93Aqp1Fb7u6zF7qlsDhmmGcrqBCk5erEzrcDl3FccMzCmlkCpG4eudDuDzEIaKC1zuF4AkI3gJcad2I21cBDhd5cq5fF4nzf4uyG5wfw2x7eJLBBCxuio7obJsdc56gfmaod Jbq7J i6m2qrqppDjfHkdbDwh3H9GsJe837u618jDvcpEd4Dz8Izcj87uk4BAFxLsf5vJnq7yMuojj82cdlC99zJ3GgKs8a8itkbkaerBjA6 hx2 95u3xes7kt1CdBB3igIAn82vfr8mlqMzap5DJiMloKeJ3HtleqvrtmryucvDv9F 2DDk5ri17cFE5HCqoJp8oDj4oarIHzDa46v2xKkbqD8e6AnnGCctfl4rikC64HKwgedzCuJxhczlr47DAxhhl47AnmkMLMF2Jcm6du7e hp89Bng2mlwqfLj3udE3m5j3c3ui ozumbBM7cFCLIAsh91H3EIsiI8tp7lholCue7 BKrL7jBr5kzaArbKyvJAz9isvltp6cn8EriIkezz1b4lyLlzwIqwHBCc7DoKGkI8nFKxlzGtMt nmpahL3ush6kqCtHJ3o791w9IoMzbbpf2I llllllllllllllllllllllll

Extended Key Usages

ExtKeyUsageCodeSigning

a1:61:70:63:a2:56:da:11:60:fc:61:4d:5b:25:c1:7d:0a:32:a6:d2
Signer

Actual PE Digest

a1:61:70:63:a2:56:da:11:60:fc:61:4d:5b:25:c1:7d:0a:32:a6:d2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryW
VirtualAllocEx

user32

LoadCursorA
RegisterClassExA
LoadIconA

gdi32

GetStockObject
DeleteObject
GetDeviceCaps
GetObjectA
CreateFontIndirectA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

m11
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

m10
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

m9
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

m8
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

m7
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

m6
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

m5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

m4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

m3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c45b5ca23463842a8833b8782ba481d7

Code Sign

4c:1b:21:c5:d9:86:35:b9:4b:b3:50:77:b9:94:1a:59Certificate

Extended Key Usages

a1:61:70:63:a2:56:da:11:60:fc:61:4d:5b:25:c1:7d:0a:32:a6:d2Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 4KB - Virtual size: 3KB

m11 Size: 512B - Virtual size: 100B

m10 Size: 512B - Virtual size: 100B

m9 Size: 512B - Virtual size: 100B

m8 Size: 512B - Virtual size: 100B

m7 Size: 512B - Virtual size: 100B

m6 Size: 512B - Virtual size: 100B

m5 Size: 512B - Virtual size: 100B

m4 Size: 512B - Virtual size: 100B

m3 Size: 512B - Virtual size: 100B

.data Size: 327KB - Virtual size: 327KB

.data2 Size: 1KB - Virtual size: 1KB

.rsrc Size: 41KB - Virtual size: 40KB

4c:1b:21:c5:d9:86:35:b9:4b:b3:50:77:b9:94:1a:59
Certificate

a1:61:70:63:a2:56:da:11:60:fc:61:4d:5b:25:c1:7d:0a:32:a6:d2
Signer

.text
Size: 4KB - Virtual size: 3KB

m11
Size: 512B - Virtual size: 100B

m10
Size: 512B - Virtual size: 100B

m9
Size: 512B - Virtual size: 100B

m8
Size: 512B - Virtual size: 100B

m7
Size: 512B - Virtual size: 100B

m6
Size: 512B - Virtual size: 100B

m5
Size: 512B - Virtual size: 100B

m4
Size: 512B - Virtual size: 100B

m3
Size: 512B - Virtual size: 100B

.data
Size: 327KB - Virtual size: 327KB

.data2
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 41KB - Virtual size: 40KB