eed944d3d991fa8bd6017bbdcd1e5e74_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eed944d3d991fa8bd6017bbdcd1e5e74_JaffaCakes118
Size

244KB
MD5

eed944d3d991fa8bd6017bbdcd1e5e74
SHA1

27ff0363488fde8805213eb13fbaf3cfaff0f4fb
SHA256

8163c58957f792740469c99e097db09fb33e962ad9ad8e4a0dade3d1e04d72e2
SHA512

c97e54d241cef5612c64aac63a037155fd557301ea7f981811366efe63f5c39b7bf9c68a5c28c05bbb9c104836e269fca06ec1498c3edda269ed02963d5d0435
SSDEEP

6144:qZrtXGIihxI2WZLKp79aO1XcbMjt2oaIJ8cWZhzCbFHTK9F:qiIUx+MH1XcAQIHuIo9F

Score

1^/10

Malware Config

Signatures

Files

eed944d3d991fa8bd6017bbdcd1e5e74_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d5e0bd1724b53dee95d6644bccd91a7d

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2c:01:58:55:22:e8:fa:61:13:8a:ef:a4:f6:27:ee:a8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02-03-2010 00:00

Not After

02-03-2011 23:59

Subject

CN=Comodo Security Solutions\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Comodo Security Solutions\, Inc.,L=Jersey City,ST=New Jersey,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:20:5f:fe:cc:78:c1:b7:56:35:4a:43:58:50:9f:cf:52:3d:01:76
Signer

Actual PE Digest

30:20:5f:fe:cc:78:c1:b7:56:35:4a:43:58:50:9f:cf:52:3d:01:76

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
LoadLibraryExA
GetCurrentThreadId
SearchPathA
GetProcAddress
GetUserDefaultLangID
GetLocaleInfoW
GetVersion
GetExitCodeProcess
GetCalendarInfoW

user32

CharUpperA
GetTopWindow
CharPrevW
LoadMenuIndirectW
GetActiveWindow
MonitorFromWindow
InvalidateRgn
LoadIconW
EnableWindow
UnregisterClassA
GetActiveWindow
GetMenuStringA
GetSysColorBrush
GetKeyboardLayout
LoadBitmapW
GetClassInfoW
PostMessageA
EndDialog
wsprintfW
GetAsyncKeyState
OpenClipboard
MessageBoxIndirectW
ShowCaret
PostMessageW
CreateDialogIndirectParamA
SetWindowTextA
GetClassInfoExW
MonitorFromPoint
RegisterClassExA
GetMenuItemRect
SetWindowLongW
SetActiveWindow
AppendMenuA
UnregisterClassW
DestroyCursor

gdi32

CreateColorSpaceW
CreateCompatibleDC
RemoveFontResourceExA
CreatePalette
ExtCreateRegion
CreateFontIndirectW
GetTextExtentPointW
CreateRoundRectRgn
CreateColorSpaceA

shell32

StrChrIW
StrChrA
SHGetFolderPathW
StrCmpNA
ExtractAssociatedIconA
SHGetFolderLocation
Shell_NotifyIconA
StrChrW
StrChrIA
Shell_NotifyIcon
StrRStrIA
StrRStrIW
SHBrowseForFolderW
ExtractAssociatedIconW
ShellExecuteEx
StrCmpNW

ws2_32

WSAStartup

inetcomm

EssMLHistoryEncodeEx
MimeOleGetCodePageCharset
CreateIMAPTransport2
HrSaveAttachToFile
MimeGetAddressFormatW
EssReceiptRequestDecodeEx
CreatePOP3Transport
MimeOleCreateBody
MimeOleCreateByteStream
MimeOleCreateHeaderTable
EssReceiptEncodeEx

Sections

.I
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.t
Size: 4KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.huwqEK
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IW
Size: 512B - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lP
Size: 4KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qV
Size: 1024B - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NsWd
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.in
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cGMoKL
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lcpUIX
Size: 14KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.x
Size: 3KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5e0bd1724b53dee95d6644bccd91a7d

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

2c:01:58:55:22:e8:fa:61:13:8a:ef:a4:f6:27:ee:a8Certificate

Extended Key Usages

Key Usages

30:20:5f:fe:cc:78:c1:b7:56:35:4a:43:58:50:9f:cf:52:3d:01:76Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ws2_32

inetcomm

Sections

.I Size: 7KB - Virtual size: 6KB

.t Size: 4KB - Virtual size: 291KB

.huwqEK Size: 91KB - Virtual size: 90KB

.IW Size: 512B - Virtual size: 444KB

.lP Size: 4KB - Virtual size: 324KB

.qV Size: 1024B - Virtual size: 337KB

.NsWd Size: 12KB - Virtual size: 12KB

.in Size: 2KB - Virtual size: 12KB

.cGMoKL Size: 92KB - Virtual size: 92KB

.lcpUIX Size: 14KB - Virtual size: 120KB

.x Size: 3KB - Virtual size: 239KB

.rsrc Size: 6KB - Virtual size: 6KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

2c:01:58:55:22:e8:fa:61:13:8a:ef:a4:f6:27:ee:a8
Certificate

30:20:5f:fe:cc:78:c1:b7:56:35:4a:43:58:50:9f:cf:52:3d:01:76
Signer

.I
Size: 7KB - Virtual size: 6KB

.t
Size: 4KB - Virtual size: 291KB

.huwqEK
Size: 91KB - Virtual size: 90KB

.IW
Size: 512B - Virtual size: 444KB

.lP
Size: 4KB - Virtual size: 324KB

.qV
Size: 1024B - Virtual size: 337KB

.NsWd
Size: 12KB - Virtual size: 12KB

.in
Size: 2KB - Virtual size: 12KB

.cGMoKL
Size: 92KB - Virtual size: 92KB

.lcpUIX
Size: 14KB - Virtual size: 120KB

.x
Size: 3KB - Virtual size: 239KB

.rsrc
Size: 6KB - Virtual size: 6KB