0a23a85d341f02299dd991e0dfdbb900_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0a23a85d341f02299dd991e0dfdbb900_JaffaCakes118
Size

1.4MB
MD5

0a23a85d341f02299dd991e0dfdbb900
SHA1

30301eac8aa5ec272dc7d882aed6c7f8360a7b5a
SHA256

1bd34183caa0f1e5c74ea549684f5e7b0d9938464f387a377772c1a88b05a4ff
SHA512

6ea8275ad175dfcfb284504d87aa58a3d14cc6169376b3f544bff57aef942b69d1d8f1abb42c65ba94670572df149844c26c8724eabc320c0a595154a0fc6879
SSDEEP

24576:PWhvCJ0W/IEleTRix16YJxY1me8tjSSm6tRNckr:uhvCKW/IEleTRejxYlijSSbx

Score

1^/10

Malware Config

Signatures

Files

0a23a85d341f02299dd991e0dfdbb900_JaffaCakes118
.exe windows:5 windows x86 arch:x86

494a98152b5f19badb413269a8d21d30

Code Sign

55:f4:93:81:89:0d:11:62:b8:f5:a9:e3:f9:6a:19:7b
Certificate

Issuer

CN=LYQQIJPU

Not Before

11-11-2018 12:46

Not After

31-12-2039 23:59

Subject

CN=LYQQIJPU

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

8c:a3:ad:97:a9:71:ec:b3:b8:31:dc:ef:27:e9:4e:d2:a0:21:10:25:89:f0:05:5e:b5:c6:a1:5b:19:72:fc:cc
Signer

Actual PE Digest

8c:a3:ad:97:a9:71:ec:b3:b8:31:dc:ef:27:e9:4e:d2:a0:21:10:25:89:f0:05:5e:b5:c6:a1:5b:19:72:fc:cc

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
IsBadWritePtr
IsValidLanguageGroup
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadResource
LocalAlloc
LocalFlags
LocalFree
LocalReAlloc
LockFile
LockResource
MulDiv
MultiByteToWideChar
RaiseException
ReadConsoleInputA
ReadConsoleOutputCharacterW
ReadFile
RtlUnwind
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetFilePointer
SetHandleCount
SetLastError
IsBadCodePtr
SetThreadContext
SetUnhandledExceptionFilter
SizeofResource
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
UnregisterWait
VirtualFree
VirtualLock
WideCharToMultiByte
WinExec
WriteFile
WritePrivateProfileStringA
_llseek
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalGetAtomNameA
GlobalFree
GlobalFlags
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetWindowsDirectoryA
GetVolumeInformationA
GetVersionExA
GetVersion
GetUserDefaultUILanguage
GetTimeZoneInformation
GetTimeFormatA
GetTickCount
GetThreadPriorityBoost
GetThreadLocale
GetSystemTime
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProfileStringA
GetProcessVersion
GetOEMCP
GetModuleFileNameA
GetLocalTime
GetLastError
GetLargestConsoleWindowSize
GetFullPathNameA
GetFileType
GetFileTime
GetFileSize
GetFileAttributesA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
GetDevicePowerState
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
GetCommandLineA
GetCPInfo
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageA
FlushFileBuffers
FindResourceA
FindNextVolumeMountPointW
FindFirstFileExW
FindFirstFileA
VirtualAlloc
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
EnterCriticalSection
DuplicateHandle
DeleteCriticalSection
CreateProcessA
CreatePipe
CreateMutexA
CreateFileA
CompareStringW
CompareStringA
CloseHandle
GetModuleHandleA
LoadLibraryA
GetProcAddress
SetStdHandle

user32

IsChild
IsDialogMessageA
IsIconic
IsWindow
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
LoadStringA
LookupIconIdFromDirectoryEx
MapDialogRect
MapWindowPoints
MessageBeep
MessageBoxA
ModifyMenuA
MoveWindow
OffsetRect
PeekMessageA
PostMessageA
PostQuitMessage
PostThreadMessageA
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemovePropA
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetActiveWindow
SetCapture
SetCursor
SetFocus
SetForegroundWindow
SetMenuItemBitmaps
SetPropA
SetRect
SetThreadDesktop
SetWindowContextHelpId
SetWindowLongA
SetWindowPos
SetWindowRgn
SetWindowTextA
SetWindowsHookExA
ShowCaret
ShowWindow
SystemParametersInfoA
TabbedTextOutA
TranslateMessage
UnhookWindowsHookEx
UnloadKeyboardLayout
UnregisterClassA
UpdateWindow
ValidateRect
WinHelpA
WindowFromPoint
wsprintfA
GetWindowPlacement
GetWindowLongA
GetWindowDC
GetWindow
GetTopWindow
GetSystemMenu
GetSysColor
GetSubMenu
GetPropA
GetNextDlgTabItem
IsCharAlphaNumericA
GetMessageTime
GetMessagePos
GetMessageA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetLastActivePopup
GetGuiResources
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameA
GetClassLongA
GetClassInfoA
GetCapture
FrameRect
ExcludeUpdateRgn
EndPaint
EndDialog
EnableWindow
EnableMenuItem
DrawTextA
DrawIcon
DrawFocusRect
DrawEdge
DragObject
DragDetect
DlgDirSelectComboBoxExA
DlgDirListComboBoxW
DispatchMessageA
DestroyMenu
DefWindowProcA
DefDlgProcA
DdeSetUserHandle
DdeCreateDataHandle
CreateWindowExA
CreateDialogIndirectParamA
CreateCursor
CopyRect
CopyAcceleratorTableA
ClientToScreen
CheckMenuItem
CharUpperA
CallWindowProcA
CallNextHookEx
BeginPaint
AppendMenuA
AdjustWindowRectEx
GetSystemMetrics
GetActiveWindow
GetKeyState
OemKeyScan
CloseClipboard
GetShellWindow
DrawMenuBar
GetParent
CountClipboardFormats
DestroyWindow
CharNextA
CharLowerW
OpenIcon
InSendMessage
GetWindowTextLengthW
LoadCursorFromFileW
LoadCursorFromFileA
GetKeyboardType
InvalidateRect
IntersectRect
InflateRect
IMPSetIMEA
HideCaret
GrayStringA
GetWindowTextLengthA
GetWindowTextA
GetSysColorBrush
GetOpenClipboardWindow
GetNextDlgGroupItem
GetWindowRect
GetMenu

gdi32

ColorCorrectPalette
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateDIBitmap
CreateEllipticRgnIndirect
CreateFontIndirectA
CreatePen
CreateRectRgn
CreateRoundRectRgn
CreateSolidBrush
DPtoLP
DeleteDC
DeleteObject
EngAcquireSemaphore
EngStrokeAndFillPath
EnumICMProfilesW
Escape
ExtEscape
ExtTextOutA
GdiCleanCacheDC
GdiConvertAndCheckDC
GdiEntry3
GetBkColor
GetClipBox
GetDeviceCaps
GetMapMode
GetObjectA
GetObjectW
BitBlt
GetSystemPaletteEntries
GetTextColor
GetTextExtentPointA
GetTextMetricsW
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LPtoDP
MirrorRgn
OffsetViewportOrgEx
PatBlt
PtVisible
RectVisible
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipRgn
SelectObject
SetBkColor
SetBkMode
SetLayoutWidth
SetMapMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
StretchBlt
TextOutA
AddFontResourceTracking
AngleArc
AddFontResourceW
CreateCompatibleDC
GetEnhMetaFileW
EndPage
GetDCPenColor
GetPolyFillMode
GetStockObject
EndPath
GetColorSpace
GetPixel
EndDoc

comdlg32

GetFileTitleA

advapi32

RegQueryValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyExA

shell32

DuplicateIcon
DragAcceptFiles
DragQueryPoint
ShellExecuteA
FindExecutableA
SHFileOperation
SHGetDiskFreeSpaceA

ole32

CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
OleFlushClipboard
OleInitialize
OleIsCurrentClipboard
OleUninitialize
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoFreeUnusedLibraries
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter

shlwapi

StrChrW

comctl32

ImageList_Destroy
_TrackMouseEvent

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 664KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

494a98152b5f19badb413269a8d21d30

Code Sign

55:f4:93:81:89:0d:11:62:b8:f5:a9:e3:f9:6a:19:7bCertificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

8c:a3:ad:97:a9:71:ec:b3:b8:31:dc:ef:27:e9:4e:d2:a0:21:10:25:89:f0:05:5e:b5:c6:a1:5b:19:72:fc:ccSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

comctl32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 1024B - Virtual size: 820B

.rsrc Size: 40KB - Virtual size: 664KB

55:f4:93:81:89:0d:11:62:b8:f5:a9:e3:f9:6a:19:7b
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

8c:a3:ad:97:a9:71:ec:b3:b8:31:dc:ef:27:e9:4e:d2:a0:21:10:25:89:f0:05:5e:b5:c6:a1:5b:19:72:fc:cc
Signer

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 1024B - Virtual size: 820B

.rsrc
Size: 40KB - Virtual size: 664KB