8c8a043a50d754beb906215e3bba7dd3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8c8a043a50d754beb906215e3bba7dd3_JaffaCakes118
Size

894KB
MD5

8c8a043a50d754beb906215e3bba7dd3
SHA1

00ba84424821a7d8a50aa4c9419ae14b48d2ba58
SHA256

cb5c12b4a3fa286e1995422a88edf24b36f297395cf564bb21dd595d477626ab
SHA512

01ca95f95c64ce1f79ebb85f4d14e687b4b93d92c17388c2107c0b051fa72c8c69f4ba18f61c7d48f2ba2fa1a4692f49d11bee1790f5a26cc06d6882f2080e19
SSDEEP

24576:IBVZkgnnxUVPfUmbbxFyTDWs9G51nV9G51n+mbbxFyTDWS:INk+iVPsuyTrkLk+uyTP

Score

1^/10

Malware Config

Signatures

Files

8c8a043a50d754beb906215e3bba7dd3_JaffaCakes118
.zip
kmSdem1.exe
.exe windows:4 windows x86 arch:x86

5707ad6a92febb872fdc169934a2d29b

Code Sign

26:f7:53:e5:9e:63:45:bf:43:4a:26:b1:54:15:64:bd
Certificate

Issuer

CN=GggvpYSuFAF7Uqd

Not Before

04-04-2012 06:53

Not After

31-12-2039 23:59

Subject

CN=GggvpYSuFAF7Uqd

Extended Key Usages

ExtKeyUsageCodeSigning

95:4a:a8:d0:1c:cd:36:aa:7d:d6:10:c2:26:d1:91:8c:6e:f4:49:ba
Signer

Actual PE Digest

95:4a:a8:d0:1c:cd:36:aa:7d:d6:10:c2:26:d1:91:8c:6e:f4:49:ba

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
LoadLibraryA
GetProcAddress
GetWindowsDirectoryA
lstrcatA
GetModuleHandleA

gdi32

GetStockObject

msvcrt

memcpy

advapi32

RegOpenKeyExW

Sections

.text
Size: 259KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g7
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g6
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g5
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
readme[1].exe
.exe windows:4 windows x86 arch:x86

5707ad6a92febb872fdc169934a2d29b

Code Sign

26:f7:53:e5:9e:63:45:bf:43:4a:26:b1:54:15:64:bd
Certificate

Issuer

CN=GggvpYSuFAF7Uqd

Not Before

04-04-2012 06:53

Not After

31-12-2039 23:59

Subject

CN=GggvpYSuFAF7Uqd

Extended Key Usages

ExtKeyUsageCodeSigning

49:d2:bc:89:72:31:cf:08:ab:12:84:48:6f:d2:18:b1:ec:1a:b5:e6
Signer

Actual PE Digest

49:d2:bc:89:72:31:cf:08:ab:12:84:48:6f:d2:18:b1:ec:1a:b5:e6

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
LoadLibraryA
GetProcAddress
GetWindowsDirectoryA
lstrcatA
GetModuleHandleA

gdi32

GetStockObject

msvcrt

memcpy

advapi32

RegOpenKeyExW

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
voyjy.exe
.exe windows:4 windows x86 arch:x86

5707ad6a92febb872fdc169934a2d29b

Code Sign

26:f7:53:e5:9e:63:45:bf:43:4a:26:b1:54:15:64:bd
Certificate

Issuer

CN=GggvpYSuFAF7Uqd

Not Before

04-04-2012 06:53

Not After

31-12-2039 23:59

Subject

CN=GggvpYSuFAF7Uqd

Extended Key Usages

ExtKeyUsageCodeSigning

4f:eb:32:2e:8b:5f:30:98:90:0f:0f:32:ad:9e:85:79:51:f2:08:e1
Signer

Actual PE Digest

4f:eb:32:2e:8b:5f:30:98:90:0f:0f:32:ad:9e:85:79:51:f2:08:e1

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
LoadLibraryA
GetProcAddress
GetWindowsDirectoryA
lstrcatA
GetModuleHandleA

gdi32

GetStockObject

msvcrt

memcpy

advapi32

RegOpenKeyExW

Sections

.text
Size: 259KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g7
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g6
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g5
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
w9ks9.exe
.exe windows:4 windows x86 arch:x86

5707ad6a92febb872fdc169934a2d29b

Code Sign

26:f7:53:e5:9e:63:45:bf:43:4a:26:b1:54:15:64:bd
Certificate

Issuer

CN=GggvpYSuFAF7Uqd

Not Before

04-04-2012 06:53

Not After

31-12-2039 23:59

Subject

CN=GggvpYSuFAF7Uqd

Extended Key Usages

ExtKeyUsageCodeSigning

95:4a:a8:d0:1c:cd:36:aa:7d:d6:10:c2:26:d1:91:8c:6e:f4:49:ba
Signer

Actual PE Digest

95:4a:a8:d0:1c:cd:36:aa:7d:d6:10:c2:26:d1:91:8c:6e:f4:49:ba

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
LoadLibraryA
GetProcAddress
GetWindowsDirectoryA
lstrcatA
GetModuleHandleA

gdi32

GetStockObject

msvcrt

memcpy

advapi32

RegOpenKeyExW

Sections

.text
Size: 259KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g7
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g6
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g5
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
wpbt0.dll
.exe windows:4 windows x86 arch:x86

5707ad6a92febb872fdc169934a2d29b

Code Sign

26:f7:53:e5:9e:63:45:bf:43:4a:26:b1:54:15:64:bd
Certificate

Issuer

CN=GggvpYSuFAF7Uqd

Not Before

04-04-2012 06:53

Not After

31-12-2039 23:59

Subject

CN=GggvpYSuFAF7Uqd

Extended Key Usages

ExtKeyUsageCodeSigning

49:d2:bc:89:72:31:cf:08:ab:12:84:48:6f:d2:18:b1:ec:1a:b5:e6
Signer

Actual PE Digest

49:d2:bc:89:72:31:cf:08:ab:12:84:48:6f:d2:18:b1:ec:1a:b5:e6

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
LoadLibraryA
GetProcAddress
GetWindowsDirectoryA
lstrcatA
GetModuleHandleA

gdi32

GetStockObject

msvcrt

memcpy

advapi32

RegOpenKeyExW

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5707ad6a92febb872fdc169934a2d29b

Code Sign

26:f7:53:e5:9e:63:45:bf:43:4a:26:b1:54:15:64:bdCertificate

Extended Key Usages

95:4a:a8:d0:1c:cd:36:aa:7d:d6:10:c2:26:d1:91:8c:6e:f4:49:baSigner

Headers

File Characteristics

Imports

kernel32

gdi32

msvcrt

advapi32

Sections

.text Size: 259KB - Virtual size: 258KB

.data Size: 1024B - Virtual size: 1KB

.g7 Size: 1024B - Virtual size: 1000B

.g6 Size: 1024B - Virtual size: 1000B

.g5 Size: 1024B - Virtual size: 1000B

.g4 Size: 1024B - Virtual size: 1000B

.g3 Size: 1024B - Virtual size: 1000B

.g2 Size: 1024B - Virtual size: 1000B

.reloc Size: 512B - Virtual size: 136B

5707ad6a92febb872fdc169934a2d29b

Code Sign

26:f7:53:e5:9e:63:45:bf:43:4a:26:b1:54:15:64:bdCertificate

Extended Key Usages

49:d2:bc:89:72:31:cf:08:ab:12:84:48:6f:d2:18:b1:ec:1a:b5:e6Signer

Headers

File Characteristics

Imports

kernel32

gdi32

msvcrt

advapi32

Sections

.text Size: 90KB - Virtual size: 89KB

.data Size: 1024B - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 136B

5707ad6a92febb872fdc169934a2d29b

Code Sign

26:f7:53:e5:9e:63:45:bf:43:4a:26:b1:54:15:64:bdCertificate

Extended Key Usages

4f:eb:32:2e:8b:5f:30:98:90:0f:0f:32:ad:9e:85:79:51:f2:08:e1Signer

Headers

File Characteristics

Imports

kernel32

gdi32

msvcrt

advapi32

Sections

.text Size: 259KB - Virtual size: 258KB

.data Size: 1024B - Virtual size: 1KB

.g7 Size: 1024B - Virtual size: 1000B

.g6 Size: 1024B - Virtual size: 1000B

.g5 Size: 1024B - Virtual size: 1000B

.g4 Size: 1024B - Virtual size: 1000B

.g3 Size: 1024B - Virtual size: 1000B

.g2 Size: 1024B - Virtual size: 1000B

.reloc Size: 512B - Virtual size: 136B

5707ad6a92febb872fdc169934a2d29b

Code Sign

26:f7:53:e5:9e:63:45:bf:43:4a:26:b1:54:15:64:bdCertificate

Extended Key Usages

95:4a:a8:d0:1c:cd:36:aa:7d:d6:10:c2:26:d1:91:8c:6e:f4:49:baSigner

Headers

File Characteristics

Imports

kernel32

gdi32

msvcrt

advapi32

Sections

.text Size: 259KB - Virtual size: 258KB

.data Size: 1024B - Virtual size: 1KB

26:f7:53:e5:9e:63:45:bf:43:4a:26:b1:54:15:64:bd
Certificate

95:4a:a8:d0:1c:cd:36:aa:7d:d6:10:c2:26:d1:91:8c:6e:f4:49:ba
Signer

.text
Size: 259KB - Virtual size: 258KB

.data
Size: 1024B - Virtual size: 1KB

.g7
Size: 1024B - Virtual size: 1000B

.g6
Size: 1024B - Virtual size: 1000B

.g5
Size: 1024B - Virtual size: 1000B

.g4
Size: 1024B - Virtual size: 1000B

.g3
Size: 1024B - Virtual size: 1000B

.g2
Size: 1024B - Virtual size: 1000B

.reloc
Size: 512B - Virtual size: 136B

26:f7:53:e5:9e:63:45:bf:43:4a:26:b1:54:15:64:bd
Certificate

49:d2:bc:89:72:31:cf:08:ab:12:84:48:6f:d2:18:b1:ec:1a:b5:e6
Signer

.text
Size: 90KB - Virtual size: 89KB

.data
Size: 1024B - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 136B

26:f7:53:e5:9e:63:45:bf:43:4a:26:b1:54:15:64:bd
Certificate

4f:eb:32:2e:8b:5f:30:98:90:0f:0f:32:ad:9e:85:79:51:f2:08:e1
Signer

.text
Size: 259KB - Virtual size: 258KB

.data
Size: 1024B - Virtual size: 1KB

.g7
Size: 1024B - Virtual size: 1000B

.g6
Size: 1024B - Virtual size: 1000B

.g5
Size: 1024B - Virtual size: 1000B

.g4
Size: 1024B - Virtual size: 1000B

.g3
Size: 1024B - Virtual size: 1000B

.g2
Size: 1024B - Virtual size: 1000B

.reloc
Size: 512B - Virtual size: 136B

26:f7:53:e5:9e:63:45:bf:43:4a:26:b1:54:15:64:bd
Certificate

95:4a:a8:d0:1c:cd:36:aa:7d:d6:10:c2:26:d1:91:8c:6e:f4:49:ba
Signer

.text
Size: 259KB - Virtual size: 258KB

.data
Size: 1024B - Virtual size: 1KB

.g7
Size: 1024B - Virtual size: 1000B

.g6
Size: 1024B - Virtual size: 1000B

.g5
Size: 1024B - Virtual size: 1000B

.g4
Size: 1024B - Virtual size: 1000B

.g3
Size: 1024B - Virtual size: 1000B

.g2
Size: 1024B - Virtual size: 1000B

.reloc
Size: 512B - Virtual size: 136B

26:f7:53:e5:9e:63:45:bf:43:4a:26:b1:54:15:64:bd
Certificate

49:d2:bc:89:72:31:cf:08:ab:12:84:48:6f:d2:18:b1:ec:1a:b5:e6
Signer

.text
Size: 90KB - Virtual size: 89KB

.data
Size: 1024B - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 136B