4d8e51aef3a20a478ed61982b3a366b2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4d8e51aef3a20a478ed61982b3a366b2_JaffaCakes118
Size

1.2MB
MD5

4d8e51aef3a20a478ed61982b3a366b2
SHA1

2d583524130646bc9a689e537fcbe06f04da7f36
SHA256

2f0406b56f511aa19d5e9e896e4e86e33768550784b2c97a6bef65b1b60eba6a
SHA512

fa40ba4ec2cc1f7c79ae09a224436d587e6cc83119bb9e7668ffc1b6e94fe0c0916ec5f22a6a6eccdd845d2450649997bf630cb3e371030107560823726781c4
SSDEEP

24576:kIvEq8jlEBPkNShzxh7QjO+NhXh1l/JFfnE88smZ:zajiNOsbQjOuXh1lvESK

Score

1^/10

Malware Config

Signatures

Files

4d8e51aef3a20a478ed61982b3a366b2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9983d7fd29033b27ff25774e825b1368

Code Sign

13:69:6f:0b:6e:c2:dd:be:44:ed:ae:56:78:51:02:32
Certificate

Issuer

CN=KXQBUZKKYJLHXTCKUW

Not Before

24-05-2019 15:07

Not After

31-12-2039 23:59

Subject

CN=KXQBUZKKYJLHXTCKUW

Extended Key Usages

ExtKeyUsageCodeSigning

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07-06-2005 08:09

Not After

30-05-2020 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27-04-2011 00:00

Not After

30-05-2020 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02-05-2019 00:00

Not After

30-05-2020 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cf:d9:b9:8b:3c:89:82:88:f6:cb:43:cb:e4:2d:fd:25:83:c6:4c:3d
Signer

Actual PE Digest

cf:d9:b9:8b:3c:89:82:88:f6:cb:43:cb:e4:2d:fd:25:83:c6:4c:3d

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynW
lstrlenW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
HeapSize
HeapReAlloc
HeapAlloc
IsValidCodePage
GetOEMCP
InitializeCriticalSectionAndSpinCount
lstrcpyW
IsDebuggerPresent
TerminateProcess
GetSystemTimeAsFileTime
HeapFree
HeapCreate
TlsFree
TlsAlloc
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
SetUnhandledExceptionFilter
GetCommandLineA
WriteProcessMemory
lstrcmpiA
WritePrivateProfileStructW
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualQuery
VirtualFree
VirtualAlloc
VerifyVersionInfoA
UnmapViewOfFile
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
SwitchToThread
SuspendThread
Sleep
SizeofResource
SignalObjectAndWait
SetThreadPriority
SetThreadLocale
SetProcessShutdownParameters
SetLastError
SetFilePointerEx
SetFilePointer
SetFileAttributesW
SetEvent
SetErrorMode
SetEndOfFile
SetConsoleCursor
RtlUnwind
ResumeThread
ResetEvent
RemoveDirectoryW
RemoveDirectoryA
ReleaseMutex
ReadProcessMemory
ReadFile
RaiseException
QueryPerformanceCounter
OutputDebugStringW
OpenProcess
MultiByteToWideChar
MulDiv
MoveFileW
Module32FirstW
LockResource
LocalFree
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryExW
LoadLibraryExA
LoadLibraryA
LeaveCriticalSection
IsValidLocale
IsBadStringPtrA
IsBadHugeReadPtr
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
InitAtomTable
GlobalUnlock
GlobalSize
GlobalLock
GlobalFree
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetWindowsDirectoryW
GetVersionExW
GetVersionExA
GetVersion
GetUserDefaultUILanguage
GetUserDefaultLCID
GetTimeZoneInformation
GetTickCount
GetThreadPriority
GetThreadLocale
GetSystemInfo
GetSystemDirectoryW
GetSystemDefaultUILanguage
GetSystemDefaultLangID
GetStdHandle
GetStartupInfoA
GetProcAddress
GetNumberFormatW
GetNamedPipeHandleStateW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesW
GetExitCodeThread
GetEnvironmentVariableW
GetDriveTypeW
GetDiskFreeSpaceW
GetDevicePowerState
GetDefaultCommConfigA
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetConsoleFontSize
GetConsoleAliasExesW
GetCommandLineW
GetCPInfo
GetACP
FreeResource
FreeLibrary
FormatMessageW
FormatMessageA
FlushFileBuffers
FindResourceW
FindNextVolumeA
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
ExitThread
ExitProcess
EnumSystemLanguageGroupsW
EnumSystemLanguageGroupsA
EnumCalendarInfoW
EnterCriticalSection
DeleteFileW
DeleteCriticalSection
CreateTimerQueueTimer
CreateThread
CreateFileW
CreateEventW
CreateEventA
CreateConsoleScreenBuffer
CompareStringW
CloseHandle

user32

ShowScrollBar
ShowWindow
SubtractRect
SystemParametersInfoW
ToAscii
TrackPopupMenu
TrackPopupMenuEx
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassW
UpdateWindow
ValidateRect
WaitMessage
WindowFromPoint
LoadIconA
LoadCursorFromFileA
SetScrollPos
SetScrollInfo
SetRect
SetPropW
SetParent
SetMenuItemInfoW
SetMenuContextHelpId
SetMenu
SetForegroundWindow
SetFocus
SetCursorPos
SetCursor
SetClipboardData
SetClassLongW
SetCapture
SetActiveWindow
SendMessageW
SendMessageA
ScrollWindow
ScrollDC
ScreenToClient
RemovePropW
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterDeviceNotificationW
RegisterClipboardFormatW
RegisterClassW
RegisterClassA
RedrawWindow
RealChildWindowFromPoint
PtInRect
PostQuitMessage
PostMessageW
PeekMessageW
PeekMessageA
OpenClipboard
OffsetRect
NotifyWinEvent
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MonitorFromRect
MessageBoxW
MessageBoxExW
MessageBoxA
MessageBeep
MapVirtualKeyW
LockWindowUpdate
ShowOwnedPopups
LoadKeyboardLayoutW
LoadImageW
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageW
IsDialogMessageA
IsChild
InvalidateRect
IntersectRect
InsertMenuW
InsertMenuItemW
InflateRect
HideCaret
GetWindowThreadProcessId
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetWindow
GetUserObjectInformationW
GetUpdateRect
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetMonitorInfoW
GetMessagePos
GetMessageExtraInfo
GetMessageA
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextW
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
ShowCursor
ShowCaret
SetWindowsHookExW
SetWindowTextW
SetWindowRgn
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
LoadStringW
SetScrollRange
ActivateKeyboardLayout
AdjustWindowRectEx
BeginDeferWindowPos
BeginPaint
CallMsgFilter
CallNextHookEx
CallWindowProcW
CharLowerBuffW
CharLowerW
CharNextW
CharUpperBuffW
CheckMenuItem
ClientToScreen
CloseClipboard
CopyImage
CountClipboardFormats
CreateIcon
CreateMenu
CreatePopupMenu
GetClipboardFormatNameW
GetClipboardData
GetClientRect
GetClassLongW
GetClassInfoW
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowW
FindWindowExW
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EndPaint
EndMenu
EndDeferWindowPos
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextExW
DrawStateW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DialogBoxIndirectParamW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DeferWindowPos
DefWindowProcW
DefWindowProcA
DefMDIChildProcW
DefFrameProcW
CreateWindowExW
CreateWindowExA
MapWindowPoints

gdi32

GetCurrentPositionEx
GetDCOrgEx
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileDescriptionW
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetMapMode
GetNearestPaletteIndex
GetObjectW
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextAlign
GetTextColor
GetTextExtentExPointW
GetTextExtentPoint32W
GetTextExtentPointW
GetTextMetricsW
GetWinMetaFileBits
GetWindowOrgEx
IntersectClipRect
LPtoDP
LineTo
MaskBlt
MoveToEx
OffsetRgn
PatBlt
Pie
PlayEnhMetaFile
GetCurrentObject
PolyBezierTo
Polygon
Polyline
RealizePalette
RectVisible
Rectangle
ResizePalette
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetDIBits
SetEnhMetaFileBits
SetMapMode
SetPixel
SetROP2
SetStretchBltMode
SetTextAlign
SetTextColor
SetViewportOrgEx
SetWinMetaFileBits
SetWindowOrgEx
StartPage
StretchBlt
StretchDIBits
UnrealizeObject
XLATEOBJ_iXlate
GetClipBox
GetBrushOrgEx
GetBkColor
GetBitmapBits
GdiGetDevmodeForPage
GdiFlush
FrameRgn
ExtTextOutW
ExtFloodFill
ExcludeClipRect
EnumFontsW
EnumFontFamiliesExW
EndPage
EndDoc
Ellipse
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreatePenIndirect
CreatePen
CreatePatternBrush
CreatePalette
CreateICW
CreateHalftonePalette
CreateFontIndirectW
CreateDIBitmap
CreateDIBSection
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileW
CombineRgn
Chord
PolyBezier
Arc
BitBlt

advapi32

RegCloseKey
RegDeleteValueW
RegFlushKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegOpenKeyA
RegCreateKeyExW

shell32

ExtractIconExA
SHEmptyRecycleBinW
SHGetDesktopFolder
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW
ExtractAssociatedIconW

ole32

StringFromCLSID
RevokeDragDrop
ReleaseStgMedium
RegisterDragDrop
OleUninitialize
OleSetClipboard
OleInitialize
OleGetClipboard
IsEqualGUID
DoDragDrop
CreateStreamOnHGlobal
CreateDataAdviseHolder
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CLSIDFromString

comctl32

ImageList_Read
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_GetDragImage
ImageList_GetBkColor
ImageList_EndDrag
ImageList_DrawEx
ImageList_Draw
ImageList_DragShowNolock
ImageList_DragMove
ImageList_Remove
ImageList_DragEnter
ImageList_Destroy
ImageList_Create
ImageList_BeginDrag
ImageList_Add
FlatSB_SetScrollProp
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
ImageList_Replace
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_Write
ord17
InitializeFlatSB
ImageList_DragLeave
_TrackMouseEvent

imm32

ImmDisableIME

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 881KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9983d7fd29033b27ff25774e825b1368

Code Sign

13:69:6f:0b:6e:c2:dd:be:44:ed:ae:56:78:51:02:32Certificate

Extended Key Usages

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19Certificate

Extended Key Usages

Key Usages

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49Certificate

Extended Key Usages

Key Usages

cf:d9:b9:8b:3c:89:82:88:f6:cb:43:cb:e4:2d:fd:25:83:c6:4c:3dSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

imm32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 6KB - Virtual size: 8KB

.rsrc Size: 37KB - Virtual size: 881KB

13:69:6f:0b:6e:c2:dd:be:44:ed:ae:56:78:51:02:32
Certificate

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

cf:d9:b9:8b:3c:89:82:88:f6:cb:43:cb:e4:2d:fd:25:83:c6:4c:3d
Signer

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 6KB - Virtual size: 8KB

.rsrc
Size: 37KB - Virtual size: 881KB