JaffaCakes118_e76c5cab93889205e1164cd7b9fa3f87

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_e76c5cab93889205e1164cd7b9fa3f87
Size

261KB
MD5

e76c5cab93889205e1164cd7b9fa3f87
SHA1

d30dff3bc86d564e8a83d2e2ee75991db3c6b3a4
SHA256

2e22b9dfbaf2706513c9b2cce666109e89c6982f2ef8aaf7800d5c09b2fe7a40
SHA512

9b5e8a7c54bf70e8c742f35a5180ca58e63693fa40d40136b88d8a97ec14d70169d3d0ad89c41b3090b920ed62d079c0b4cd4822893e991b315397ae69c8e0fa
SSDEEP

6144:sVBUNmwa38SsyUtYOp6TGpVZL49P8WKF90d9DqQkDij9F:sXmVVtYRKpVpgP8xz0d9DqQkDij9F

Score

1^/10

Malware Config

Signatures

Files

JaffaCakes118_e76c5cab93889205e1164cd7b9fa3f87
.exe windows:4 windows x86 arch:x86

6a47c7fb60ddc91d797b5f6988d48341

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2c:01:58:55:22:e8:fa:61:13:8a:ef:a4:f6:27:ee:a8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02-03-2010 00:00

Not After

02-03-2011 23:59

Subject

CN=Comodo Security Solutions\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Comodo Security Solutions\, Inc.,L=Jersey City,ST=New Jersey,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b7:2e:80:9b:3e:0f:ac:e4:46:28:ee:c0:36:61:ad:86:2e:6e:50:f2
Signer

Actual PE Digest

b7:2e:80:9b:3e:0f:ac:e4:46:28:ee:c0:36:61:ad:86:2e:6e:50:f2

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
MoveFileA
RaiseException
CreateSemaphoreW
lstrcmpi
GetCurrentDirectoryW
OpenSemaphoreW
WaitForMultipleObjects
GetMailslotInfo
OpenEventA
GetCurrentDirectoryA
SetErrorMode
CreateDirectoryA
GetProcessHeap
SearchPathW
GetDateFormatW
HeapCreate
GetSystemInfo
SetLocaleInfoA
GetProcAddress
CopyFileExA
GetTimeFormatW
OpenMutexA
GetTimeFormatA
IsDebuggerPresent
GlobalFindAtomA
GetCalendarInfoA
GetProcessHeaps
GetAtomNameA
GetSystemDirectoryA
GetTempFileNameW
GetVersionExA
IsBadStringPtrW
CreateSemaphoreA
GetACP
GetFullPathNameA
lstrcpy
InitializeCriticalSection
GetStartupInfoW
MultiByteToWideChar
LoadLibraryA
GlobalFindAtomW
lstrcpyA
GetFileAttributesA
lstrcatW
QueryPerformanceFrequency
GlobalGetAtomNameA
lstrcmpW
Beep
FileTimeToLocalFileTime
CreateNamedPipeW
EnumDateFormatsA
OpenFile
GetNumberFormatA
DisconnectNamedPipe
CreateMailslotW
FileTimeToSystemTime
FileTimeToDosDateTime
lstrcmpiA
GetTickCount
LocalAlloc
lstrcmpA
GetExpandedNameA
SetCalendarInfoA
GetVersionExW
GetFileAttributesW
GetVolumeInformationA
GlobalDeleteAtom
lstrcpynW
GetExitCodeProcess
RemoveDirectoryA
GetVolumeInformationW
LoadLibraryA
GetCurrentProcess
lstrlenW
ExpandEnvironmentStringsA
GetModuleFileNameA
GetSystemDirectoryW
lstrlen

user32

ShowCursor
GetMenuItemCount
CharPrevA
keybd_event
GetSysColor
MoveWindow
CharUpperW
UnregisterClassW
WinHelpA
GetActiveWindow
GetScrollPos
RegisterWindowMessageW
GetDlgItemTextA
FindWindowA
SetDlgItemTextA
LoadCursorW
GetMenuStringW
AppendMenuA
ShowWindow
LoadIconA
SetWindowTextW
OffsetRect
GetAsyncKeyState
DestroyIcon
CheckMenuItem
PostMessageW
SetCapture
EnableWindow
GetMenuItemInfoA
WaitMessage
GetDlgItemInt
IsWindow
CopyRect
IsChild
GetMenuItemID
PostMessageA
GetMenuItemInfoW
DefWindowProcW
LoadMenuIndirectW
CreateDialogParamA
GetSubMenu
GetMenuItemRect
CharNextW
MessageBoxA
IsIconic
LoadBitmapA
EndDialog
GetDlgItemTextW
PeekMessageA
GetCaretPos
SetDlgItemInt
DialogBoxParamA
SetActiveWindow
EnumWindows
WinHelpW
GetClassInfoExW
CharNextA
IsDlgButtonChecked
SetParent
mouse_event
CreatePopupMenu
SetCursorPos
CopyIcon
wsprintfW
SendDlgItemMessageA
MessageBoxIndirectA
InsertMenuA
GetFocus
UnregisterClassA
SetFocus
FindWindowW
CreateMenu
CreateDesktopA
RegisterClassW
InvalidateRgn
DefWindowProcA
LoadImageA
LoadImageW
GetSystemMetrics
SetWindowRgn
MessageBoxW
GetTopWindow
SetWindowPos
ActivateKeyboardLayout
UpdateLayeredWindow
LoadMenuW
MonitorFromRect
IsMenu
CharLowerA
GetDesktopWindow
InsertMenuItemW
LoadCursorA
SetDlgItemTextW
GetMenu
SetForegroundWindow
MonitorFromPoint
PostQuitMessage
CreateDialogIndirectParamW
PeekMessageW
MessageBeep
RegisterClassExW
SetTimer
GetMenuStringA
ShowCaret
GetMenuState
CreateDialogIndirectParamA
AppendMenuW
GetSysColorBrush
LoadMenuA
WaitForInputIdle
RegisterWindowMessageA
CreateAcceleratorTableW
GetKeyState
EmptyClipboard
LoadMenuIndirectA
GetForegroundWindow
DialogBoxParamW
InvalidateRect
CreateDesktopW
EnumClipboardFormats
DialogBoxIndirectParamW
MessageBoxIndirectW
CharPrevW
CreateAcceleratorTableA
SendDlgItemMessageW
GetCapture
DestroyMenu
GetMessageW

gdi32

CreateFontIndirectExA
SelectBrushLocal
CreatePolyPolygonRgn
DeleteObject
SetMetaFileBitsEx
CreateBitmapIndirect
GetEnhMetaFileA
AddFontResourceA
CreatePalette
CreatePatternBrush
CreateFontIndirectW
RemoveFontResourceExW
GetRasterizerCaps
ExtCreateRegion
CreateSolidBrush
RemoveFontResourceExA
GetStockObject
CreateBitmap
CreateRoundRectRgn
CreateScalableFontResourceW
CreateFontA
AddFontResourceW
GetMetaFileA
CreatePolygonRgn
GetTextExtentPointA
SetEnhMetaFileBits
TranslateCharsetInfo
GetEnhMetaFilePixelFormat
RemoveFontResourceW
CreateDIBSection

advapi32

RegisterServiceCtrlHandlerExW
GetKernelObjectSecurity
ClearEventLogA
SetEntriesInAclW
SystemFunction001

ole32

CoGetClassObject
CoCreateGuid
OleUninitialize
CoGetInstanceFromIStorage
GetClassFile
CoInitialize
CoGetInstanceFromFile
CoGetMalloc
IsValidIid

version

VerQueryValueW
VerLanguageNameW
GetFileVersionInfoA
VerInstallFileA
VerFindFileW
GetFileVersionInfoW
VerInstallFileW
VerFindFileA
GetFileVersionInfoSizeW
VerQueryValueA

wininet

FtpPutFileEx
GetUrlCacheEntryInfoW
RetrieveUrlCacheEntryStreamA
UnlockUrlCacheEntryFileW
InternetFindNextFileA
CommitUrlCacheEntryW

cryptui

CryptUIDlgSelectCA
CryptUIDlgViewContext

sqlunirl

_CharPrev_@8
_LoadLibrary@4
_MoveFile@8
_StartService_@12
_lstrcmp_@8
_WaitNamedPipe_@8
__hwrite_@12
_LoadLibraryEx_@12
_CreateStatusWindow_@16
_GetClipboardFormatName_@12
_DefDlgProc_@16
_NDdeSetShareSecurity_@16
_RegQueryMultipleValues_@20
_ExtTextOut@32
_SearchPath_@24
_CreateWindowEx@48

Sections

.text
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.YqLqNB
Size: 108KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Lh
Size: 109KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a47c7fb60ddc91d797b5f6988d48341

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

2c:01:58:55:22:e8:fa:61:13:8a:ef:a4:f6:27:ee:a8Certificate

Extended Key Usages

Key Usages

b7:2e:80:9b:3e:0f:ac:e4:46:28:ee:c0:36:61:ad:86:2e:6e:50:f2Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

version

wininet

cryptui

sqlunirl

Sections

.text Size: 14KB - Virtual size: 16KB

.YqLqNB Size: 108KB - Virtual size: 170KB

.rdata Size: 8KB - Virtual size: 53KB

.Lh Size: 109KB - Virtual size: 182KB

.data Size: 5KB - Virtual size: 75KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 4KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

2c:01:58:55:22:e8:fa:61:13:8a:ef:a4:f6:27:ee:a8
Certificate

b7:2e:80:9b:3e:0f:ac:e4:46:28:ee:c0:36:61:ad:86:2e:6e:50:f2
Signer

.text
Size: 14KB - Virtual size: 16KB

.YqLqNB
Size: 108KB - Virtual size: 170KB

.rdata
Size: 8KB - Virtual size: 53KB

.Lh
Size: 109KB - Virtual size: 182KB

.data
Size: 5KB - Virtual size: 75KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 4KB