151a63bd490b9e78d82c4b15a93253dd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

151a63bd490b9e78d82c4b15a93253dd_JaffaCakes118
Size

1.1MB
MD5

151a63bd490b9e78d82c4b15a93253dd
SHA1

4134ee24f0ce13041c783641926c8d1599382831
SHA256

1204574d3d67a4f843f23fd0876e049fcb91df84f5f1f0bae662c09c7903344b
SHA512

465e27dd08d74fd84359f453fc1292728d4e6da028b3b59672b7cc45c34feae161d14703ff548e781fbe09b908332323689f8de1def1395cf92398bec5b9e7a2
SSDEEP

24576:YSAncAYmfwxwYiinV+HsciFIkItmwpSnK5sTwWZ:ucAYxJiiVqsNwpSnbTf

Score

1^/10

Malware Config

Signatures

Files

151a63bd490b9e78d82c4b15a93253dd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

93c54bf1e418528f2f0df3bf8afdd158

Code Sign

b3:12:fd:1b:7f:10:cf:48:c4:80:80:b2:40:91:fb:8e
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

20-10-2014 00:00

Not After

20-10-2015 23:59

Subject

CN=Winston Project,O=Winston Project,POSTALCODE=2025,STREET=Dasoupoli Strovolos+STREET=Athinodorou 3,L=Nicosia,ST=Cyprus,C=CY

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09-07-1999 18:31

Not After

09-07-2019 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24-08-2011 00:00

Not After

30-05-2020 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d4:fe:7d:b0:08:b3:3b:ae:a8:1d:71:fa:cb:0a:73:b0:0d:24:70:28
Signer

Actual PE Digest

d4:fe:7d:b0:08:b3:3b:ae:a8:1d:71:fa:cb:0a:73:b0:0d:24:70:28

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

wininet

InternetConnectW
InternetReadFile
InternetSetOptionW
HttpOpenRequestW
HttpSendRequestW
InternetCloseHandle

rpcrt4

UuidCreateSequential

iphlpapi

GetAdaptersInfo

kernel32

MultiByteToWideChar
GetProcAddress
OpenProcess
GetExitCodeProcess
OpenThread
WaitForSingleObject
GetFileType
FindClose
CloseHandle
GetTimeZoneInformation
GetTickCount
PeekNamedPipe
GetMailslotInfo
GetModuleHandleW
GetTempPathW
GetDiskFreeSpaceW
FindFirstFileW
FindNextFileW
WideCharToMultiByte
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
Module32FirstW
Module32NextW
CreateFileW
FreeLibrary
TerminateProcess
Sleep
LoadLibraryA
LoadLibraryW
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentProcessId
GetModuleHandleA
GetFileSize
GetFileSizeEx
WriteFile
ReadFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
GetSystemTimeAsFileTime
GetEnvironmentVariableW
ExpandEnvironmentStringsW
GetFileAttributesW
LocalFree
GetVersion
GetModuleFileNameW
CreateMutexW
OpenMutexW
GlobalHandle
GlobalFree
lstrcmpiW
LoadLibraryExW
GetStdHandle
QueryPerformanceCounter
FindResourceExW
GetVersionExA
FlushConsoleInputBuffer
UnhandledExceptionFilter
GetCPInfo
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
SetConsoleCtrlHandler
AreFileApisANSI
GetModuleHandleExW
ExitProcess
GetCommandLineW
IsDebuggerPresent
ExitThread
CreateThread
RtlUnwind
GetStringTypeW
EncodePointer
DecodePointer
HeapSize
HeapReAlloc
HeapDestroy
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
InterlockedCompareExchange
lstrcmpW
MulDiv
SizeofResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
GetCurrentThreadId
RaiseException
GetCurrentProcess
FlushInstructionCache
GlobalUnlock
GlobalLock
GlobalAlloc
TlsFree
GetStartupInfoW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsValidCodePage
GetACP
GetOEMCP
GetConsoleCP
LockResource
InterlockedDecrement
InterlockedIncrement
GlobalMemoryStatus
FindResourceW
SetUnhandledExceptionFilter
TlsAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsW
ReadConsoleW
SetStdHandle
SetFilePointerEx
OutputDebugStringW
WriteConsoleW
SetEnvironmentVariableA
TlsGetValue
TlsSetValue

user32

CreateDialogIndirectParamW
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
GetWindowThreadProcessId
EnumWindows
GetMonitorInfoW
MonitorFromWindow
IsDialogMessageW
MapWindowPoints
GetWindowRect
PostQuitMessage
GetLastInputInfo
PostMessageW
MapDialogRect
LoadCursorW
GetWindow
GetClassNameW
GetParent
GetDesktopWindow
SetWindowLongW
GetWindowLongW
FillRect
ClientToScreen
SetWindowContextHelpId
GetClientRect
GetWindowTextLengthW
GetUserObjectInformationW
GetProcessWindowStation
MessageBoxA
GetWindowTextW
SetWindowTextW
RedrawWindow
InvalidateRgn
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
DestroyAcceleratorTable
CreateAcceleratorTableW
SetTimer
ReleaseCapture
SetCapture
GetFocus
SetFocus
CharNextW
SendDlgItemMessageW
GetDlgItem
EndDialog
SetWindowPos
MoveWindow
DestroyWindow
IsChild
IsWindow
CreateWindowExW
GetClassInfoExW
RegisterClassExW
CallWindowProcW
DefWindowProcW
SendMessageW
RegisterWindowMessageW
GetSysColor
UnregisterClassW
ScreenToClient

gdi32

SelectObject
GetStockObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
DeleteDC
DeleteObject
BitBlt
GetObjectW
GetDeviceCaps

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
GetTokenInformation
LookupAccountSidW
RegSetValueW
DeregisterEventSource
ReportEventA
RegisterEventSourceA
RegCreateKeyExW
RegCloseKey

shell32

SHGetFolderPathW
SHFileOperationW
ShellExecuteExW

ole32

CLSIDFromProgID
StringFromGUID2
CoCreateInstance
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
OleUninitialize
OleLockRunning
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoTaskMemRealloc
CLSIDFromString

oleaut32

SysStringLen
VariantInit
VariantClear
LoadTypeLi
LoadRegTypeLi
SysFreeString
OleCreateFontIndirect
VarUI4FromStr
SysAllocStringLen
DispCallFunc
SysAllocString

comctl32

InitCommonControlsEx

psapi

GetProcessImageFileNameW
GetModuleFileNameExW

Sections

.text
Size: 816KB - Virtual size: 816KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 270KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93c54bf1e418528f2f0df3bf8afdd158

Code Sign

b3:12:fd:1b:7f:10:cf:48:c4:80:80:b2:40:91:fb:8eCertificate

Extended Key Usages

Key Usages

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bbCertificate

Extended Key Usages

Key Usages

d4:fe:7d:b0:08:b3:3b:ae:a8:1d:71:fa:cb:0a:73:b0:0d:24:70:28Signer

Headers

DLL Characteristics

File Characteristics

Imports

version

wininet

rpcrt4

iphlpapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

psapi

Sections

.text Size: 816KB - Virtual size: 816KB

.rdata Size: 270KB - Virtual size: 270KB

.data Size: 29KB - Virtual size: 50KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 2KB - Virtual size: 2KB

b3:12:fd:1b:7f:10:cf:48:c4:80:80:b2:40:91:fb:8e
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

d4:fe:7d:b0:08:b3:3b:ae:a8:1d:71:fa:cb:0a:73:b0:0d:24:70:28
Signer

.text
Size: 816KB - Virtual size: 816KB

.rdata
Size: 270KB - Virtual size: 270KB

.data
Size: 29KB - Virtual size: 50KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 2KB - Virtual size: 2KB