cbb3c6db6a5ae9ac1c708eda4fcdebc6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cbb3c6db6a5ae9ac1c708eda4fcdebc6_JaffaCakes118
Size

185KB
MD5

cbb3c6db6a5ae9ac1c708eda4fcdebc6
SHA1

46fd22cad8eebf558f138f5991cc0f5bd9300bff
SHA256

7833ed538960013b1635299ed374920a6375c6900f1072a874a842235df18168
SHA512

232ef7588f84e8d1754e6ee57d95508804aac8b2b8772ca953993aa8ab949315742bd594d392038c824fb24d1b95da465385d6869808ce637e82d1626b3e5120
SSDEEP

3072:RDAz9yGwUQC9r2Zcy0NKCrBZMxBkWzk8Bk8lk8JoBD:xm9yDEil0NKCrjOBk0op

Score

1^/10

Malware Config

Signatures

Files

cbb3c6db6a5ae9ac1c708eda4fcdebc6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9bbd8bfadced73a1e710f7ed0773872f

Code Sign

21:11:b4:ac:85:8b:69:62:b3:4d:c6:85:18:1c:b1:b9
Certificate

Issuer

CN=jjjjjjjjjjjjjjjjjjjjjjjjjjjjj 9ii7twpwKHAF52j7tl4trGm2qjAptEMmympv48b6FxqbfJKHnj4bBmor2rGIul9tosHf8zbygEAgwCJpKypoKhegrqEevrcbgDwg12G GLl9n6HHEjGewkHn9xGsjofpCs8Fr1zvK1dktgfLeLsmfmy6sBmh7mvEE6k12r4kaHzcLexq9jbxannyGGpCh5fz6CAtIbkLwMKvwvoguHctyrdvzcswlJBAp5awuCLdzw841qyKA 72nEn1uoEpBI1pE9AArMclj3g5lbxAaahsleFnwlctGshtEgAgqhh7jo8xCMkJo Dj4Bkxney8KsD3DADtiLyIglEcAAhox1LnI3tuqF5L9cmGaaEnclFJo5ajMerbj MCIxJDFbJcf B6zb6rsKyfEsB33IrBHlmB7yE8DKK3vHjAh4jiFmmm4e6ELmkwB7ljzG 3avmglhFrxitgvxx1pKjxCq33FprKfL9qadtinq5gIDl2ubc2tGbKb11KGdfDppupidbe9sId5n 9r1tqerD3JsEBuzbwr5di5pDjHs75zLI9cCxmv5j5M149EI7y8 rclnu6x3q5tKE358 hk1GkbF5Bjf3uc5zwAi12vvKp9K3qxpima23thpgvw8u6xxqq5ELLLyarCppCmJsijHei8eL1oDDwn5fMd wA5y4D7fk JHtKHqjrpxushrufcy9ijaDAgpqglMuD BDacr9BJJs4nEL98 vcAyH74aojfoj5hmClrfydCdkm9ujopgmgs61isAin cB6alMGpsvFq9FGlKHCs52tu28BeIgcmHvnt832i3w3s9BowGDc4oqkcbnJ7MJ59gzC6EqsaFz8KkIEArEFLucrkwlam7ByEBsuuLxD6I3wswEjmjDCCsAL6K3lsAw2hrsn44D 7j8gpE2xJE4w4BL8ElrCClpgalIqvq6tyBFC5H9jvsjrmnEvb95AyliIyqw2sbFzoqgwyrpmq3yDHDJ7rvvdFcub1kxBk4Dkcp8fueeaFH1gGstg6fK7vhKbBhx8LiuLw 61efjhdspyIjKdyfoogfkD5bLLMMg9cngx16oFEAGaM3Cfqw88f9i ru2hGyK9gnt5eL85 up7qc5lsEotDFq1L2E8yorACB6yp5dwjtArxnCG21uML4AtmotJddtIGtg3ekC7tvpImbcH64pE3jJFDhJhaB6Abyjk247boGjbAqAxi7omKbaGKqh1ctjj9bf8g c 694sooBpwa8y564DE8Ahlj95d5mi28FoL5Bw4jxw45G9w Hwr8xMExpBg3aBDBwB3JK93wFqxemH4fzamygJvDAC7EEwguGy26xww9pEA9nawGAcLJ1BIFjmkLfhflznCs7MA8HkEttI eo3Cx1kruvhfnr63JxpIuHwindgL eqrixMAkbHmzBFv7e66unlqA1IG3K iLJM6zdd7KHnmnafh7GB ALaqKcogDdulMwueEwehgeFrMyhGzl1whjeFoGz3q3h8rme2Gy53E3GFgg3dgDuFMdn89xsi8gjHnKuf23 hCt6lpqsabk9eCoEsBuzb2HoL5j7hc8DBu1msnbL7sh6Bkcro8l27D3zGH8bp3l jDfCsM9hGdot5geI1szMDtvukof532m I5ih5xsij3taCz8JasGly1lI16lvi3ovlnHmCa27adjv4z5ptHJ3czopcvFt2rtKlCuFDMs5vsy3 wknhAsmcDvtEDAq3Bh BEJ4JKs1uLgjeCry2yJtrcbn63CLnF85wB7d73 k7MLJHgtd4oqbhMLygkDJME8IA3GBDBdJ7jGu5npweMreG49d5DAAscooDJEewz5r7cAgdgz16bCukMjoqhyGqMnG5gGoJbe1A73wnCa542xBjsIMi6e7crFeKgq6I4BK9Bq 3ypugtnCdiIoFtwsbLEIr35jo txiCbf47waiLdcvL DIg8jaCx4gBfMncru2C CkFbJutDbfwvz3nChbK9Hu3nJsrvvayw 6Aidtvvel19DMFGltAEId63Gp6d6yorGpmxCqzK1kl5yJ2dqA5DiCjyziMh2Ak2dMrgBq9sz9AICdDzmJkb5Lh51m7gdoLlc7nGjkABh tBoC3t8fly3HdwxifMyvH3x7qH35bivx9Kbo3KjA59E1h7BFHl3lLFI2aLII3Anzp9u2fup2w8x9oECtAIv3ImClMuxof5x6dFoqkcx3KMgMa6Dp224eMgxEcdfAMLBLIAIgxjLcyA9 xBLptqakkDnBimJLlMBFLlHplic2615c2KsvwEahj5qBwH11xKaK29oJwqELe25GAKaKelsHlKCDjtIAefKjdg4H gqu7xHIjzBuEklimm2iD v7aBIEhK5FqL2otzb5 zuArbj3GK4uHrHjJlgpzg8lkqpowvcoBB9cxvjvqz9sjpyKeICwdlunK8ruhypKxhjAj96F3x2h4gFtxjKpJpJLB4sHM18u64v167o gtEhiIK 9w2lmK9f24Jn2Ipo7bFug7r9mELdhmkKalzEvm6mInyt9vGM7uA6f4uoDrxFGoyFpK4acGbBMnwpp4s6sDrAjHy8q77 G aKkiyKAM4A9mfw2nllkiF4hxaJbtBlE s5JuChrqvg1G6x6Lqwl6mmHEADAnJi3b8LroLqJgd48Fgpa7GFgnzhyKJIMMk5gJqHbux14iu5MJ6ikI18pkzJltl4Iq3L5kjeit4d7 EvJJb4aArcD4a2wl6aqfIFsk1b4K2z58cf65hqmDECn77mAd5eAfKiECbJHByCesjwKFAyaiD1d5d1Cbazmlti5pAEh4uMF9Ebpytuxz2Aj99lvDdC7pFrz i2ljo4FfJmEw8 McD2okKs 1wjuqBwwxi75sJpi2Eno8bpdw4a9wfqFamA5j3112d2wLege1oaffDusbvDrDtCevIobH3KMx1r1FwrLe1ksBnyAzm1I5I llllllllllllllllllllllll

Not Before

04/01/2013, 06:40

Not After

31/12/2039, 23:59

Subject

CN=jjjjjjjjjjjjjjjjjjjjjjjjjjjjj 9ii7twpwKHAF52j7tl4trGm2qjAptEMmympv48b6FxqbfJKHnj4bBmor2rGIul9tosHf8zbygEAgwCJpKypoKhegrqEevrcbgDwg12G GLl9n6HHEjGewkHn9xGsjofpCs8Fr1zvK1dktgfLeLsmfmy6sBmh7mvEE6k12r4kaHzcLexq9jbxannyGGpCh5fz6CAtIbkLwMKvwvoguHctyrdvzcswlJBAp5awuCLdzw841qyKA 72nEn1uoEpBI1pE9AArMclj3g5lbxAaahsleFnwlctGshtEgAgqhh7jo8xCMkJo Dj4Bkxney8KsD3DADtiLyIglEcAAhox1LnI3tuqF5L9cmGaaEnclFJo5ajMerbj MCIxJDFbJcf B6zb6rsKyfEsB33IrBHlmB7yE8DKK3vHjAh4jiFmmm4e6ELmkwB7ljzG 3avmglhFrxitgvxx1pKjxCq33FprKfL9qadtinq5gIDl2ubc2tGbKb11KGdfDppupidbe9sId5n 9r1tqerD3JsEBuzbwr5di5pDjHs75zLI9cCxmv5j5M149EI7y8 rclnu6x3q5tKE358 hk1GkbF5Bjf3uc5zwAi12vvKp9K3qxpima23thpgvw8u6xxqq5ELLLyarCppCmJsijHei8eL1oDDwn5fMd wA5y4D7fk JHtKHqjrpxushrufcy9ijaDAgpqglMuD BDacr9BJJs4nEL98 vcAyH74aojfoj5hmClrfydCdkm9ujopgmgs61isAin cB6alMGpsvFq9FGlKHCs52tu28BeIgcmHvnt832i3w3s9BowGDc4oqkcbnJ7MJ59gzC6EqsaFz8KkIEArEFLucrkwlam7ByEBsuuLxD6I3wswEjmjDCCsAL6K3lsAw2hrsn44D 7j8gpE2xJE4w4BL8ElrCClpgalIqvq6tyBFC5H9jvsjrmnEvb95AyliIyqw2sbFzoqgwyrpmq3yDHDJ7rvvdFcub1kxBk4Dkcp8fueeaFH1gGstg6fK7vhKbBhx8LiuLw 61efjhdspyIjKdyfoogfkD5bLLMMg9cngx16oFEAGaM3Cfqw88f9i ru2hGyK9gnt5eL85 up7qc5lsEotDFq1L2E8yorACB6yp5dwjtArxnCG21uML4AtmotJddtIGtg3ekC7tvpImbcH64pE3jJFDhJhaB6Abyjk247boGjbAqAxi7omKbaGKqh1ctjj9bf8g c 694sooBpwa8y564DE8Ahlj95d5mi28FoL5Bw4jxw45G9w Hwr8xMExpBg3aBDBwB3JK93wFqxemH4fzamygJvDAC7EEwguGy26xww9pEA9nawGAcLJ1BIFjmkLfhflznCs7MA8HkEttI eo3Cx1kruvhfnr63JxpIuHwindgL eqrixMAkbHmzBFv7e66unlqA1IG3K iLJM6zdd7KHnmnafh7GB ALaqKcogDdulMwueEwehgeFrMyhGzl1whjeFoGz3q3h8rme2Gy53E3GFgg3dgDuFMdn89xsi8gjHnKuf23 hCt6lpqsabk9eCoEsBuzb2HoL5j7hc8DBu1msnbL7sh6Bkcro8l27D3zGH8bp3l jDfCsM9hGdot5geI1szMDtvukof532m I5ih5xsij3taCz8JasGly1lI16lvi3ovlnHmCa27adjv4z5ptHJ3czopcvFt2rtKlCuFDMs5vsy3 wknhAsmcDvtEDAq3Bh BEJ4JKs1uLgjeCry2yJtrcbn63CLnF85wB7d73 k7MLJHgtd4oqbhMLygkDJME8IA3GBDBdJ7jGu5npweMreG49d5DAAscooDJEewz5r7cAgdgz16bCukMjoqhyGqMnG5gGoJbe1A73wnCa542xBjsIMi6e7crFeKgq6I4BK9Bq 3ypugtnCdiIoFtwsbLEIr35jo txiCbf47waiLdcvL DIg8jaCx4gBfMncru2C CkFbJutDbfwvz3nChbK9Hu3nJsrvvayw 6Aidtvvel19DMFGltAEId63Gp6d6yorGpmxCqzK1kl5yJ2dqA5DiCjyziMh2Ak2dMrgBq9sz9AICdDzmJkb5Lh51m7gdoLlc7nGjkABh tBoC3t8fly3HdwxifMyvH3x7qH35bivx9Kbo3KjA59E1h7BFHl3lLFI2aLII3Anzp9u2fup2w8x9oECtAIv3ImClMuxof5x6dFoqkcx3KMgMa6Dp224eMgxEcdfAMLBLIAIgxjLcyA9 xBLptqakkDnBimJLlMBFLlHplic2615c2KsvwEahj5qBwH11xKaK29oJwqELe25GAKaKelsHlKCDjtIAefKjdg4H gqu7xHIjzBuEklimm2iD v7aBIEhK5FqL2otzb5 zuArbj3GK4uHrHjJlgpzg8lkqpowvcoBB9cxvjvqz9sjpyKeICwdlunK8ruhypKxhjAj96F3x2h4gFtxjKpJpJLB4sHM18u64v167o gtEhiIK 9w2lmK9f24Jn2Ipo7bFug7r9mELdhmkKalzEvm6mInyt9vGM7uA6f4uoDrxFGoyFpK4acGbBMnwpp4s6sDrAjHy8q77 G aKkiyKAM4A9mfw2nllkiF4hxaJbtBlE s5JuChrqvg1G6x6Lqwl6mmHEADAnJi3b8LroLqJgd48Fgpa7GFgnzhyKJIMMk5gJqHbux14iu5MJ6ikI18pkzJltl4Iq3L5kjeit4d7 EvJJb4aArcD4a2wl6aqfIFsk1b4K2z58cf65hqmDECn77mAd5eAfKiECbJHByCesjwKFAyaiD1d5d1Cbazmlti5pAEh4uMF9Ebpytuxz2Aj99lvDdC7pFrz i2ljo4FfJmEw8 McD2okKs 1wjuqBwwxi75sJpi2Eno8bpdw4a9wfqFamA5j3112d2wLege1oaffDusbvDrDtCevIobH3KMx1r1FwrLe1ksBnyAzm1I5I llllllllllllllllllllllll

Extended Key Usages

ExtKeyUsageCodeSigning

14:b8:a9:3b:8c:00:85:dd:0d:04:e9:67:fa:9e:75:36:75:a4:8d:21
Signer

Actual PE Digest

14:b8:a9:3b:8c:00:85:dd:0d:04:e9:67:fa:9e:75:36:75:a4:8d:21

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleScreenBufferInfo
GetCurrentProcessId
GetCurrentThreadId
GetDriveTypeW
GetLogicalDrives
GetModuleHandleA
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
FindFirstFileW
GetVolumeInformationW
OpenProcess
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
VerSetConditionMask
VerifyVersionInfoW
WideCharToMultiByte
lstrcpynW
FindClose
CloseHandle
VirtualAlloc
LoadLibraryW
GetTimeFormatW
GetProcAddress

user32

DispatchMessageA
EnableWindow
GetDC
GetDlgItem
GetDlgItemTextA
GetParent
GetSystemMetrics
GetWindowLongA
GetWindowRect
IsDlgButtonChecked
LoadStringA
MessageBeep
MessageBoxA
MsgWaitForMultipleObjects
PeekMessageA
PostMessageA
ReleaseDC
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetWindowLongA
ShowWindow
wsprintfA
CheckDlgButton
CharPrevA
CharNextA
CallWindowProcA
LoadIconA
CheckRadioButton

gdi32

CreateFontIndirectA
DeleteObject
GetDeviceCaps
GetObjectA
GetStockObject

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

m9
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

m8
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

m7
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

m6
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

m5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

m4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

m3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 691B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bbd8bfadced73a1e710f7ed0773872f

Code Sign

21:11:b4:ac:85:8b:69:62:b3:4d:c6:85:18:1c:b1:b9Certificate

Extended Key Usages

14:b8:a9:3b:8c:00:85:dd:0d:04:e9:67:fa:9e:75:36:75:a4:8d:21Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 4KB - Virtual size: 3KB

m9 Size: 512B - Virtual size: 100B

m8 Size: 512B - Virtual size: 100B

m7 Size: 512B - Virtual size: 100B

m6 Size: 512B - Virtual size: 100B

m5 Size: 512B - Virtual size: 100B

m4 Size: 512B - Virtual size: 100B

m3 Size: 512B - Virtual size: 100B

.data Size: 111KB - Virtual size: 111KB

.data2 Size: 1024B - Virtual size: 691B

.rsrc Size: 45KB - Virtual size: 45KB

21:11:b4:ac:85:8b:69:62:b3:4d:c6:85:18:1c:b1:b9
Certificate

14:b8:a9:3b:8c:00:85:dd:0d:04:e9:67:fa:9e:75:36:75:a4:8d:21
Signer

.text
Size: 4KB - Virtual size: 3KB

m9
Size: 512B - Virtual size: 100B

m8
Size: 512B - Virtual size: 100B

m7
Size: 512B - Virtual size: 100B

m6
Size: 512B - Virtual size: 100B

m5
Size: 512B - Virtual size: 100B

m4
Size: 512B - Virtual size: 100B

m3
Size: 512B - Virtual size: 100B

.data
Size: 111KB - Virtual size: 111KB

.data2
Size: 1024B - Virtual size: 691B

.rsrc
Size: 45KB - Virtual size: 45KB