0cca0a9832b372a44179ab77ab15d7ea_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0cca0a9832b372a44179ab77ab15d7ea_JaffaCakes118
Size

2.1MB
MD5

0cca0a9832b372a44179ab77ab15d7ea
SHA1

750d71664ff8db04c77cbb9e5928ead7ad61635e
SHA256

3b47a1a8d51b8b5963dc49026e72b236852007a135b6a21b764caed18ff88d40
SHA512

d12b1580178b22b23badbf9654287799e656e6e418563b1df91be5c5067a9b4dd453495e66d867cbfffe9c1bcbda8a3edec6c054ac084b71a8f51143f0413ff3
SSDEEP

49152:Pz1VUFWzCJegYMfKfiVZ88kXetY0k+SvNOt:5OLJXfmirqMMvNOt

Score

1^/10

Malware Config

Signatures

Files

0cca0a9832b372a44179ab77ab15d7ea_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d84d3bbc6bd6e819e920d6ea3bd016b2

Code Sign

58:ae:fa:fc:0a:3f:c9:6a:b0:6c:5b:77:24:b4:bb:0e
Certificate

Issuer

CN=DGCLTYFQ

Not Before

03-12-2018 11:16

Not After

31-12-2039 23:59

Subject

CN=DGCLTYFQ

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

48:57:73:55:be:c9:36:c5:6f:9e:8e:9a:c8:6e:fb:96:fc:8f:83:3c:a3:3b:af:86:d7:7e:0d:c4:29:c0:b0:0e
Signer

Actual PE Digest

48:57:73:55:be:c9:36:c5:6f:9e:8e:9a:c8:6e:fb:96:fc:8f:83:3c:a3:3b:af:86:d7:7e:0d:c4:29:c0:b0:0e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultUILanguage
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetTimeZoneInformation
GetUserDefaultLangID
GetVersionExA
GetVersionExW
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
IsBadStringPtrA
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockResource
MulDiv
MultiByteToWideChar
OpenJobObjectA
OutputDebugStringW
PostQueuedCompletionStatus
QueryPerformanceCounter
GetStringTypeW
ReadFile
ReadProcessMemory
RtlUnwind
SetEnvironmentVariableA
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringW
WriteProcessMemory
lstrcmpA
lstrcmpW
lstrcmpiW
lstrcpyA
lstrlenA
lstrlenW
InitializeCriticalSectionAndSpinCount
GetStringTypeExW
GetStringTypeA
GetStdHandle
GetStartupInfoW
GetStartupInfoA
GetProcessHeap
GetProcAddress
GetPrivateProfileStringW
GetPrivateProfileStringA
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionA
GetPrivateProfileIntW
GetOEMCP
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileSize
GetEnvironmentStringsW
GetEnvironmentStrings
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineW
GetCommandLineA
GetCPInfo
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushInstructionCache
FlushFileBuffers
FindResourceW
FindResourceExW
FindNextFileW
FindFirstFileW
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FatalAppExitW
ExpandEnvironmentStringsW
ExitThread
ExitProcess
EnterCriticalSection
DeleteFileW
DeleteCriticalSection
CreateThread
CreateProcessA
CreateFileW
CreateFileA
CreateEventW
CreateDirectoryW
CreateDirectoryA
CompareStringW
CompareStringA
CloseHandle
GetModuleHandleA
SetErrorMode
RaiseException
VirtualAlloc

user32

LoadCursorW
LoadIconW
LoadImageW
LoadStringW
LockWindowUpdate
LockWorkStation
MapWindowPoints
MessageBoxA
MessageBoxIndirectA
MessageBoxW
MsgWaitForMultipleObjects
MsgWaitForMultipleObjectsEx
NotifyWinEvent
OffsetRect
PeekMessageW
PostMessageA
PostMessageW
PostThreadMessageA
PostThreadMessageW
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemovePropA
ScrollDC
ScrollWindow
SendMessageA
SendMessageCallbackA
SendMessageTimeoutA
SendMessageTimeoutW
SendMessageW
SendNotifyMessageW
SetCapture
SetClassLongW
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetParent
SetPropA
SetScrollInfo
SetTimer
SetUserObjectInformationA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
ShowOwnedPopups
ShowScrollBar
ShowWindow
SubtractRect
SystemParametersInfoW
ToAscii
TranslateMessage
UnregisterClassW
UpdateWindow
ValidateRect
WaitForInputIdle
WindowFromPoint
wsprintfA
wsprintfW
GetKeyboardState
LoadBitmapW
GetForegroundWindow
GetDCEx
GetDC
GetCursorPos
GetClipboardFormatNameW
GetClientRect
GetClassNameA
GetClassLongW
GetClassInfoW
GetCapture
FrameRect
FindWindowW
FindWindowExW
FindWindowExA
FillRect
EnumWindows
EnumThreadWindows
EndDeferWindowPos
EnableWindow
EnableMenuItem
DrawTextW
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DialogBoxParamW
DestroyWindow
DestroyIcon
DestroyCaret
DeferWindowPos
DefWindowProcW
CreateWindowExW
CreateIconFromResource
CountClipboardFormats
CopyImage
ChildWindowFromPointEx
CharUpperW
CharUpperBuffW
CharToOemW
CharLowerW
BringWindowToTop
BeginPaint
BeginDeferWindowPos
AttachThreadInput
ArrangeIconicWindows
AnimateWindow
AdjustWindowRectEx
IsGUIThread
IsMenu
GetMenuCheckMarkDimensions
GetDlgCtrlID
IsCharAlphaNumericW
GetAsyncKeyState
GetDesktopWindow
IsWindowEnabled
DrawMenuBar
GetOpenClipboardWindow
CopyIcon
CreatePopupMenu
GetMessageTime
GetActiveWindow
GetParent
GetSystemMetrics
CharNextA
LoadCursorFromFileW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindow
IsIconic
InvalidateRect
InsertMenuW
InflateRect
IMPQueryIMEA
GetWindowThreadProcessId
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetWindow
GetUserObjectInformationW
GetUpdateRect
GetThreadDesktop
GetSystemMenu
GetScrollPos
GetScrollInfo
GetPropA
GetMessageW
GetKeyState
GetMenu
GetMenuItemCount
GetTopWindow
GetDialogBaseUnits
InSendMessage
GetKBCodePage
GetMessagePos
GetKeyboardLayout
ShowCaret
CharLowerA
GetClipboardViewer
LoadIconA
EndPaint

gdi32

AddFontResourceW
EndPage
GetObjectType
AddFontResourceA
CopyMetaFileW
CreateFontIndirectExA
CreateSolidBrush
DeleteDC
EngDeleteSurface
EngGetDriverName
EngStretchBltROP
EnumFontFamiliesA
EnumMetaFile
ExtFloodFill
GdiCleanCacheDC
GdiCreateLocalEnhMetaFile
GdiEntry10
GdiEntry12
GdiEntry2
GdiGetPageCount
GdiPlayDCScript
GdiQueryFonts
GdiTransparentBlt
GdiValidateHandle
AbortDoc
GetBoundsRect
GetCharABCWidthsW
GetCharWidthFloatA
GetCharacterPlacementW
GetDCOrgEx
GetEnhMetaFileDescriptionA
GetEnhMetaFileHeader
GetFontAssocStatus
GetMetaFileA
GetNearestPaletteIndex
GetTextCharacterExtra
GetTextExtentExPointA
GetTextExtentExPointW
GetViewportOrgEx
GetWindowExtEx
OffsetRgn
PATHOBJ_bEnumClipLines
PatBlt
PlgBlt
SetBoundsRect
SetDCBrushColor
SetMetaFileBitsEx
StrokeAndFillPath
bMakePathNameW
GetTextAlign
FlattenPath
FillPath
EndPath
WidenPath
DeleteColorSpace
RealizePalette
GetBitmapBits
GetColorSpace
CreateHalftonePalette

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExW

shell32

SHGetDesktopFolder
Shell_NotifyIconW
Shell_NotifyIconA
ShellExecuteExW
CommandLineToArgvW
ExtractAssociatedIconExA
FindExecutableA
FindExecutableW
SHCreateProcessAsUserW
SHEmptyRecycleBinW
SHGetDataFromIDListW
WOWShellExecute
SHGetDiskFreeSpaceExA
SHGetDiskFreeSpaceExW
SHGetIconOverlayIndexW
SHGetInstanceExplorer
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHQueryRecycleBinA

shlwapi

StrChrW
StrCmpNW
PathFileExistsW
StrRChrA

comctl32

InitCommonControlsEx

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d84d3bbc6bd6e819e920d6ea3bd016b2

Code Sign

58:ae:fa:fc:0a:3f:c9:6a:b0:6c:5b:77:24:b4:bb:0eCertificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

48:57:73:55:be:c9:36:c5:6f:9e:8e:9a:c8:6e:fb:96:fc:8f:83:3c:a3:3b:af:86:d7:7e:0d:c4:29:c0:b0:0eSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

comctl32

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 2KB - Virtual size: 1KB

58:ae:fa:fc:0a:3f:c9:6a:b0:6c:5b:77:24:b4:bb:0e
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

48:57:73:55:be:c9:36:c5:6f:9e:8e:9a:c8:6e:fb:96:fc:8f:83:3c:a3:3b:af:86:d7:7e:0d:c4:29:c0:b0:0e
Signer

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 2KB - Virtual size: 1KB