General

Malware Config

Signatures

Files

• 050522542461760a14f494ebf773b379_JaffaCakes118

  .exe windows:4 windows x86 arch:x86

  977ebc4937129faa4ea697c66c04219f

  
  

  Code Sign

  1e:9b:be:31:31:84:50:a5:48:ba:d3:e5:61:f4:ad:79

  Certificate

  Issuer

  CN=SGNGGXOG

  Not Before

  07-02-2019 16:31

  Not After

  31-12-2039 23:59

  Subject

  CN=SGNGGXOG

  Extended Key Usages

  ExtKeyUsageCodeSigning

  16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b

  Certificate

  Issuer

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Not Before

  31-12-2015 00:00

  Not After

  09-07-2019 18:40

  Subject

  CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  c8:42:22:5a:a4:c9:ea:89:9f:4b:46:9c:b2:da:8a:06:d9:8d:d8:4c

  Signer

  Actual PE Digest

  c8:42:22:5a:a4:c9:ea:89:9f:4b:46:9c:b2:da:8a:06:d9:8d:d8:4c

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  InitializeCriticalSectionAndSpinCount

  GetSystemDirectoryW

  LoadLibraryExW

  InitializeCriticalSection

  DeleteCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  SystemTimeToFileTime

  FileTimeToSystemTime

  SetLastError

  GetLastError

  GetCurrentProcessId

  CloseHandle

  GetSystemTime

  FreeLibrary

  GetProcAddress

  LoadLibraryW

  GetModuleFileNameW

  GetTimeFormatW

  GetDateFormatW

  FileTimeToLocalFileTime

  GetModuleHandleA

  GetModuleHandleW

  GetFileAttributesW

  GetVersion

  lstrcmpiA

  LoadLibraryA

  OutputDebugStringA

  MultiByteToWideChar

  GetFileAttributesA

  GetFileTime

  CreateFileA

  DeleteFileA

  WriteFile

  GetTempPathA

  ReadFile

  SetCurrentDirectoryA

  lstrlenA

  CompareFileTime

  WaitForSingleObject

  IsBadWritePtr

  IsDBCSLeadByte

  GetProfileStringA

  GetSystemDefaultLCID

  WideCharToMultiByte

  GetACP

  GetCurrentThreadId

  lstrlenW

  FreeResource

  LockResource

  LoadResource

  GlobalAddAtomA

  GetCurrentThread

  TlsSetValue

  SizeofResource

  FindResourceW

  TlsGetValue

  LocalAlloc

  FindResourceA

  TlsAlloc

  GetVersionExA

  lstrcmpA

  lstrcmpW

  VirtualProtect

  QueryPerformanceCounter

  GetTickCount

  GetSystemTimeAsFileTime

  GetProcessHeap

  InterlockedExchange

  Sleep

  InterlockedCompareExchange

  GetStartupInfoA

  TerminateProcess

  GetCurrentProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  RaiseException

  GetCurrentDirectoryA

  VirtualAlloc

  user32

  GetSubMenu

  GetMenu

  IsWindowEnabled

  GetLastActivePopup

  GetForegroundWindow

  RegisterClassA

  CreateWindowExW

  GetClassInfoA

  GetClassInfoW

  GetDlgCtrlID

  GetTopWindow

  AdjustWindowRectEx

  SystemParametersInfoA

  GetMonitorInfoA

  MonitorFromWindow

  RemovePropA

  GetPropA

  SetPropA

  SetWindowLongW

  GetWindowLongW

  SetWindowsHookExA

  CheckMenuItem

  EnableMenuItem

  GetMenuState

  ModifyMenuA

  GetNextDlgTabItem

  GetCursorPos

  ValidateRect

  GetKeyState

  DispatchMessageA

  TranslateMessage

  GetMessageA

  IsWindowVisible

  MessageBoxA

  TranslateAcceleratorA

  GetDesktopWindow

  BringWindowToTop

  LoadAcceleratorsA

  DestroyMenu

  LoadMenuA

  WinHelpA

  SetMenu

  EndDialog

  CreateDialogIndirectParamA

  CreateDialogIndirectParamW

  DialogBoxIndirectParamA

  DialogBoxIndirectParamW

  TabbedTextOutA

  DrawTextA

  GrayStringA

  DrawTextW

  ModifyMenuW

  TabbedTextOutW

  GetMenuItemID

  GetClassNameA

  SetWindowTextA

  UnregisterClassA

  UnregisterClassW

  CopyRect

  IsDialogMessageW

  IsDialogMessageA

  GetWindow

  IsWindowUnicode

  DefWindowProcA

  CallWindowProcA

  GetMessageTime

  GetMessagePos

  GetWindowLongA

  SetWindowsHookExW

  UnhookWindowsHookEx

  CallNextHookEx

  LoadStringA

  GetWindowTextLengthA

  GetWindowTextW

  GetWindowTextA

  BeginDeferWindowPos

  EndDeferWindowPos

  DeferWindowPos

  GetAsyncKeyState

  SendDlgItemMessageA

  DrawFocusRect

  DrawIcon

  CharPrevA

  DestroyWindow

  IsCharAlphaNumericA

  CharNextA

  GetDC

  ReleaseDC

  MapDialogRect

  MessageBoxW

  ShowWindow

  LoadMenuW

  GetActiveWindow

  GetOpenClipboardWindow

  AnyPopup

  GetCaretBlinkTime

  CopyIcon

  ShowCaret

  GetThreadDesktop

  VkKeyScanA

  CloseWindow

  GetQueueStatus

  GetMenuContextHelpId

  DestroyCursor

  GetInputState

  GetClipboardSequenceNumber

  gdi32

  CreateMetaFileW

  GetEnhMetaFileW

  PathToRegion

  GdiFlush

  CloseEnhMetaFile

  GetColorSpace

  AddFontResourceA

  BeginPath

  CloseFigure

  GetTextCharset

  CreateMetaFileA

  CancelDC

  advapi32

  RegOpenKeyExA

  RegQueryValueExW

  Sections

  .text

  Size: 150KB - Virtual size: 149KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1.3MB - Virtual size: 1.3MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 57KB - Virtual size: 540KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE