5d1d04f6981be3d22f4db4c14831ad6e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5d1d04f6981be3d22f4db4c14831ad6e_JaffaCakes118
Size

66KB
MD5

5d1d04f6981be3d22f4db4c14831ad6e
SHA1

8e9d5a00781b438395a9f491c202df7327709aef
SHA256

b4f06ccc40afc1ae89f9c30b744780b8278f74518ef3e77c97aa0ddba65532dd
SHA512

7356b9adc812b42b2b5dda9f79ab2aa600017dfa74ddbe79394122d368f18c0dcf781009c251e627417af9b18a5b3f65002f1bfb69b2316f6c3a65ddb1b081b1
SSDEEP

1536:sZH5c6NkLZh4qrsp7alamqgpVIsvHNLk1eQ5RJ9JAopO0F+U:srWZh4qrm7alaepVIsRk1eGRZMq+U

Score

1^/10

Malware Config

Signatures

Files

5d1d04f6981be3d22f4db4c14831ad6e_JaffaCakes118
.rar
Stateent6_from_emerat_group.pdf.exe
.exe windows:4 windows x86 arch:x86

06c9498e730b0bee55b9f2054ca779de

Code Sign

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

29-10-2015 11:30

Not After

09-06-2027 11:30

Subject

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

Issuer

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

10-08-2016 20:47

Not After

10-08-2017 07:43

Subject

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

08-03-2016 13:10

Not After

30-05-2027 13:10

Subject

CN=Certum EV TSA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

29-10-2015 11:30

Not After

09-06-2027 11:30

Subject

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

Issuer

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

10-08-2016 20:47

Not After

10-08-2017 07:43

Subject

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

08-03-2016 13:10

Not After

30-05-2027 13:10

Subject

CN=Certum EV TSA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

88:64:22:6d:d5:62:64:b3:fa:eb:dc:3a:20:bc:32:3d:e0:d2:8e:82:c6:0c:fe:fc:ee:7d:21:38:a1:49:12:8b
Signer

Actual PE Digest

88:64:22:6d:d5:62:64:b3:fa:eb:dc:3a:20:bc:32:3d:e0:d2:8e:82:c6:0c:fe:fc:ee:7d:21:38:a1:49:12:8b

Digest Algorithm

sha256

PE Digest Matches

false

99:65:2f:94:fe:fc:aa:31:51:13:ba:91:4e:b9:87:16:a3:2b:94:77
Signer

Actual PE Digest

99:65:2f:94:fe:fc:aa:31:51:13:ba:91:4e:b9:87:16:a3:2b:94:77

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord585
ord589
ord696
ord628
ord629
ord663
ord522
EVENT_SINK_AddRef
ord561
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
ord685
ord100

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06c9498e730b0bee55b9f2054ca779de

Code Sign

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2Certificate

Extended Key Usages

Key Usages

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7Certificate

Extended Key Usages

Key Usages

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70Certificate

Extended Key Usages

Key Usages

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2Certificate

Extended Key Usages

Key Usages

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7Certificate

Extended Key Usages

Key Usages

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70Certificate

Extended Key Usages

Key Usages

88:64:22:6d:d5:62:64:b3:fa:eb:dc:3a:20:bc:32:3d:e0:d2:8e:82:c6:0c:fe:fc:ee:7d:21:38:a1:49:12:8bSigner

99:65:2f:94:fe:fc:aa:31:51:13:ba:91:4e:b9:87:16:a3:2b:94:77Signer

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 36KB - Virtual size: 35KB

.data Size: - Virtual size: 2KB

.rsrc Size: 212KB - Virtual size: 211KB

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

88:64:22:6d:d5:62:64:b3:fa:eb:dc:3a:20:bc:32:3d:e0:d2:8e:82:c6:0c:fe:fc:ee:7d:21:38:a1:49:12:8b
Signer

99:65:2f:94:fe:fc:aa:31:51:13:ba:91:4e:b9:87:16:a3:2b:94:77
Signer

.text
Size: 36KB - Virtual size: 35KB

.data
Size: - Virtual size: 2KB

.rsrc
Size: 212KB - Virtual size: 211KB