050522542461760a14f494ebf773b379_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

050522542461760a14f494ebf773b379_JaffaCakes118
Size

1.5MB
MD5

050522542461760a14f494ebf773b379
SHA1

cb8fe1a86a10d92370437a79a0c7fab89c84ab9d
SHA256

404ae50b0e1bce4b8421cc654b54591fcc84edd600c76e1a2dda1e0653a6cfe9
SHA512

feda6015ea1625ecb1300a867210820c8ad477424e8cc9051f9e7890d4b823929d0fe2030e5e8c245b66d2d17ed8fa90ac85f0d6fbcc2c36714bc757e0a6f3b3
SSDEEP

24576:xYk/M+6NAAYYLvYQinzG34vLlNICwZPu0fFot:w2AYYLPp34DuJot

Score

1^/10

Malware Config

Signatures

Files

050522542461760a14f494ebf773b379_JaffaCakes118
.exe windows:4 windows x86 arch:x86

977ebc4937129faa4ea697c66c04219f

Code Sign

1e:9b:be:31:31:84:50:a5:48:ba:d3:e5:61:f4:ad:79
Certificate

Issuer

CN=SGNGGXOG

Not Before

07-02-2019 16:31

Not After

31-12-2039 23:59

Subject

CN=SGNGGXOG

Extended Key Usages

ExtKeyUsageCodeSigning

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c8:42:22:5a:a4:c9:ea:89:9f:4b:46:9c:b2:da:8a:06:d9:8d:d8:4c
Signer

Actual PE Digest

c8:42:22:5a:a4:c9:ea:89:9f:4b:46:9c:b2:da:8a:06:d9:8d:d8:4c

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSectionAndSpinCount
GetSystemDirectoryW
LoadLibraryExW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SystemTimeToFileTime
FileTimeToSystemTime
SetLastError
GetLastError
GetCurrentProcessId
CloseHandle
GetSystemTime
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleFileNameW
GetTimeFormatW
GetDateFormatW
FileTimeToLocalFileTime
GetModuleHandleA
GetModuleHandleW
GetFileAttributesW
GetVersion
lstrcmpiA
LoadLibraryA
OutputDebugStringA
MultiByteToWideChar
GetFileAttributesA
GetFileTime
CreateFileA
DeleteFileA
WriteFile
GetTempPathA
ReadFile
SetCurrentDirectoryA
lstrlenA
CompareFileTime
WaitForSingleObject
IsBadWritePtr
IsDBCSLeadByte
GetProfileStringA
GetSystemDefaultLCID
WideCharToMultiByte
GetACP
GetCurrentThreadId
lstrlenW
FreeResource
LockResource
LoadResource
GlobalAddAtomA
GetCurrentThread
TlsSetValue
SizeofResource
FindResourceW
TlsGetValue
LocalAlloc
FindResourceA
TlsAlloc
GetVersionExA
lstrcmpA
lstrcmpW
VirtualProtect
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetProcessHeap
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetCurrentDirectoryA
VirtualAlloc

user32

GetSubMenu
GetMenu
IsWindowEnabled
GetLastActivePopup
GetForegroundWindow
RegisterClassA
CreateWindowExW
GetClassInfoA
GetClassInfoW
GetDlgCtrlID
GetTopWindow
AdjustWindowRectEx
SystemParametersInfoA
GetMonitorInfoA
MonitorFromWindow
RemovePropA
GetPropA
SetPropA
SetWindowLongW
GetWindowLongW
SetWindowsHookExA
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetNextDlgTabItem
GetCursorPos
ValidateRect
GetKeyState
DispatchMessageA
TranslateMessage
GetMessageA
IsWindowVisible
MessageBoxA
TranslateAcceleratorA
GetDesktopWindow
BringWindowToTop
LoadAcceleratorsA
DestroyMenu
LoadMenuA
WinHelpA
SetMenu
EndDialog
CreateDialogIndirectParamA
CreateDialogIndirectParamW
DialogBoxIndirectParamA
DialogBoxIndirectParamW
TabbedTextOutA
DrawTextA
GrayStringA
DrawTextW
ModifyMenuW
TabbedTextOutW
GetMenuItemID
GetClassNameA
SetWindowTextA
UnregisterClassA
UnregisterClassW
CopyRect
IsDialogMessageW
IsDialogMessageA
GetWindow
IsWindowUnicode
DefWindowProcA
CallWindowProcA
GetMessageTime
GetMessagePos
GetWindowLongA
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
LoadStringA
GetWindowTextLengthA
GetWindowTextW
GetWindowTextA
BeginDeferWindowPos
EndDeferWindowPos
DeferWindowPos
GetAsyncKeyState
SendDlgItemMessageA
DrawFocusRect
DrawIcon
CharPrevA
DestroyWindow
IsCharAlphaNumericA
CharNextA
GetDC
ReleaseDC
MapDialogRect
MessageBoxW
ShowWindow
LoadMenuW
GetActiveWindow
GetOpenClipboardWindow
AnyPopup
GetCaretBlinkTime
CopyIcon
ShowCaret
GetThreadDesktop
VkKeyScanA
CloseWindow
GetQueueStatus
GetMenuContextHelpId
DestroyCursor
GetInputState
GetClipboardSequenceNumber

gdi32

CreateMetaFileW
GetEnhMetaFileW
PathToRegion
GdiFlush
CloseEnhMetaFile
GetColorSpace
AddFontResourceA
BeginPath
CloseFigure
GetTextCharset
CreateMetaFileA
CancelDC

advapi32

RegOpenKeyExA
RegQueryValueExW

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

977ebc4937129faa4ea697c66c04219f

Code Sign

1e:9b:be:31:31:84:50:a5:48:ba:d3:e5:61:f4:ad:79Certificate

Extended Key Usages

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0bCertificate

Extended Key Usages

Key Usages

c8:42:22:5a:a4:c9:ea:89:9f:4b:46:9c:b2:da:8a:06:d9:8d:d8:4cSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 150KB - Virtual size: 149KB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: 57KB - Virtual size: 540KB

1e:9b:be:31:31:84:50:a5:48:ba:d3:e5:61:f4:ad:79
Certificate

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

c8:42:22:5a:a4:c9:ea:89:9f:4b:46:9c:b2:da:8a:06:d9:8d:d8:4c
Signer

.text
Size: 150KB - Virtual size: 149KB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 57KB - Virtual size: 540KB