194b0ffc24abb802656e1dba010c134e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

194b0ffc24abb802656e1dba010c134e_JaffaCakes118
Size

1.0MB
MD5

194b0ffc24abb802656e1dba010c134e
SHA1

a264829b541739dc0a2ec598600b5c1317800958
SHA256

925b389565fcfca729ebdc6f8aef4aa37186d5ac70ced53099321acdc51086d4
SHA512

47f8a627c2d26b5e64070527401ab9e1d450c3dd2b9ceda1c267e14081eeb3e83ebd48ac1cf68d245da7ae62266d3a33bdebe4eb0d2e16f46971f35ba93cbbb8
SSDEEP

12288:ui94bywx1Dj5+h7ZCn0P5T7lHDbIi9dszYjN5HbPiLsptcyx7tbFEujtgjg:uHx13SZW0x5j5dsYnHeYpuyx7tx/tgjg

Score

1^/10

Malware Config

Signatures

Files

194b0ffc24abb802656e1dba010c134e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

919a9aec1eff347967bff351784e8b43

Code Sign

7e:f3:00:91:52:fb:26:96:43:26:de:50:92:ec:72:ca
Certificate

Issuer

CN=XZZOXJSC

Not Before

25-12-2018 12:03

Not After

31-12-2039 23:59

Subject

CN=XZZOXJSC

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

09:34:b5:d6:1b:b8:75:2b:63:7d:fc:c1:e9:13:77:95:a1:4d:62:6e:bb:80:43:c6:d2:45:95:78:55:38:c0:22
Signer

Actual PE Digest

09:34:b5:d6:1b:b8:75:2b:63:7d:fc:c1:e9:13:77:95:a1:4d:62:6e:bb:80:43:c6:d2:45:95:78:55:38:c0:22

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeW
GetEnvironmentVariableA
GetExitCodeThread
GetFileAttributesA
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileTime
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileStringW
GetProcAddress
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetTempFileNameA
GetTempFileNameW
GetTempPathA
GetTempPathW
GetTickCount
GetTimeFormatA
GetUserDefaultLCID
GetVersion
GetVersionExW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GetCommandLineA
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
IsDebuggerPresent
GetDateFormatW
LoadLibraryW
LocalAlloc
LocalFree
MoveFileW
MultiByteToWideChar
OpenEventW
QueryPerformanceCounter
QueryPerformanceFrequency
ReadFile
ResetEvent
ResumeThread
RtlUnwind
SetEndOfFile
SetEvent
SetFilePointer
SetHandleCount
SetLastError
Sleep
TerminateProcess
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiW
lstrlenA
lstrlenW
GetCPInfo
FreeLibrary
FormatMessageW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
ExitProcess
DuplicateHandle
DeleteFileW
DeleteFileA
CreateProcessW
CreateMutexW
CreateFileW
CreateFileA
CreateEventW
CreateDirectoryW
GetCurrentProcessId
LoadLibraryA
GetCurrentProcess
CopyFileW
GlobalHandle
CloseHandle

user32

IsCharUpperW
GetMenuItemCount
CharUpperW
wsprintfA
UpdateWindow
SystemParametersInfoA
SetTimer
SetCursor
SendMessageA
ReleaseDC
PostMessageA
LoadStringA
LoadCursorA
KillTimer
GetParent
GetDlgItem
GetDC

gdi32

BeginPath
CreateMetaFileW

advapi32

AccessCheck
AllocateAndInitializeSid
FreeSid
GetLengthSid
ImpersonateSelf
InitializeAcl
InitializeSecurityDescriptor
IsValidSecurityDescriptor
OpenProcessToken
OpenThreadToken
RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RevertToSelf
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
RegOpenKeyExW
AddAccessAllowedAce

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

919a9aec1eff347967bff351784e8b43

Code Sign

7e:f3:00:91:52:fb:26:96:43:26:de:50:92:ec:72:caCertificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

09:34:b5:d6:1b:b8:75:2b:63:7d:fc:c1:e9:13:77:95:a1:4d:62:6e:bb:80:43:c6:d2:45:95:78:55:38:c0:22Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 1.0MB - Virtual size: 1.0MB

.data Size: 4KB - Virtual size: 1.0MB

7e:f3:00:91:52:fb:26:96:43:26:de:50:92:ec:72:ca
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

09:34:b5:d6:1b:b8:75:2b:63:7d:fc:c1:e9:13:77:95:a1:4d:62:6e:bb:80:43:c6:d2:45:95:78:55:38:c0:22
Signer

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 4KB - Virtual size: 1.0MB