53b597d0f54362a1110b1785beeebadf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

53b597d0f54362a1110b1785beeebadf_JaffaCakes118
Size

1.2MB
MD5

53b597d0f54362a1110b1785beeebadf
SHA1

74804f2afa946f1409385d5ac36830517039f9be
SHA256

803685bdfaac4bc57c3446181daa4d4bc73577f84df0ae2d6d9a1fcc4280f230
SHA512

8545cfbc1c084f6bbe5b8db61d9e7fe4bc7bdebabfdb56aab86667f52cacf486cb34699bbbcfd88e0f6fe97abb724e1cae0d673dfa525642f1f20b2b820bc243
SSDEEP

24576:dOhbGenqCPa8/eKdCMxnYQ3FBXwbldyCo:+JP1ehMxnr15wbqX

Score

1^/10

Malware Config

Signatures

Files

53b597d0f54362a1110b1785beeebadf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

91a00650bd2fa2cf698fd696121566e3

Code Sign

75:05:c0:43:0d:96:a5:a5:41:e7:82:17:12:a4:8f:84
Certificate

Issuer

CN=DXLKDZYB

Not Before

06/02/2019, 12:14

Not After

31/12/2039, 23:59

Subject

CN=DXLKDZYB

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31/12/2015, 00:00

Not After

09/07/2019, 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

49:b0:2d:1b:16:dc:28:29:86:61:f7:b9:2a:e0:41:07:df:dd:51:fc:88:cc:38:3b:74:e3:91:59:32:f4:c0:8f
Signer

Actual PE Digest

49:b0:2d:1b:16:dc:28:29:86:61:f7:b9:2a:e0:41:07:df:dd:51:fc:88:cc:38:3b:74:e3:91:59:32:f4:c0:8f

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW
FlushConsoleInputBuffer
FoldStringW
FormatMessageA
FormatMessageW
FreeLibrary
FreeResource
GetCommState
GetCommandLineW
GetComputerNameW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentVariableW
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesW
GetFileSize
GetFileTime
GetLastError
GetLocalTime
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOverlappedResult
GetPrivateProfileIntW
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetSystemDefaultLangID
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempFileNameW
GetTempPathA
GetTempPathW
GetTickCount
GetUserDefaultUILanguage
GetVersion
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalSize
GlobalUnlock
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
FindResourceExW
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByte
LeaveCriticalSection
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockResource
MapViewOfFile
MoveFileW
MulDiv
MultiByteToWideChar
OpenEventW
OpenFileMappingA
OpenProcess
OutputDebugStringA
OutputDebugStringW
PeekConsoleInputA
QueryPerformanceCounter
RaiseException
ReadConsoleInputA
ReadFile
RemoveDirectoryW
ResetEvent
RtlUnwind
SetCommState
SetCommTimeouts
SetCurrentDirectoryW
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
SetLocaleInfoW
SetUnhandledExceptionFilter
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TerminateThread
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteConsoleInputA
WriteFile
WritePrivateProfileStringW
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrlenA
lstrlenW
LoadLibraryA
FindNextFileW
FindFirstFileW
FindClose
FindFirstFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
ExitThread
ExitProcess
EnumUILanguagesW
EnterCriticalSection
DosDateTimeToFileTime
DeviceIoControl
DeleteFileW
DeleteFileA
DeleteCriticalSection
DecodePointer
DebugBreak
CreateThread
CreateProcessW
CreateMutexW
CreateFileW
CreateFileMappingA
CreateFileA
CreateEventW
CreateEventA
CreateDirectoryW
CreateDirectoryA
CopyFileW
CompareStringW
InitializeCriticalSection
CloseHandle
IsDebuggerPresent

user32

GetCapture
IsGUIThread
GetCaretBlinkTime
OpenIcon
GetKeyboardType
GetForegroundWindow
DestroyCursor
GetKBCodePage
IsCharLowerA
GetDlgCtrlID
LoadCursorFromFileW
CreateMenu
LoadCursorFromFileA
GetDC
EnumClipboardFormats
CloseDesktop
InSendMessage
GetSysColor
GetKeyboardLayout
GetWindowDC
CharUpperW
GetShellWindow
GetMenuContextHelpId
GetMessagePos
GetListBoxInfo
DestroyIcon
UnregisterClassW
TranslateMessage
SetForegroundWindow
SendMessageTimeoutW
RegisterClassW
PostThreadMessageW
PostQuitMessage
PostMessageW
LoadStringW
LoadIconW
LoadCursorW
IsWindowEnabled
GetSystemMetrics
GetMessageW
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyState
EnableWindow
DispatchMessageW
DestroyWindow
DefWindowProcW
CreateWindowExW
CharNextW
AttachThreadInput
ActivateKeyboardLayout
AnyPopup

gdi32

GetObjectW
GetTextMetricsW
SelectObject
AddFontResourceA
GetBkMode
GetTextColor
AddFontResourceW
GetPolyFillMode
AbortPath
CreatePatternBrush
DeleteObject
StrokePath
CreateMetaFileA
AbortDoc
UpdateColors
GetROP2
GetColorSpace
CloseEnhMetaFile
GetSystemPaletteUse
GdiGetBatchLimit
GetGraphicsMode
DeleteDC
GetStretchBltMode
CreateCompatibleDC
CreateFontIndirectW

advapi32

RegQueryValueExA
RegOpenKeyExW

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 83KB - Virtual size: 878KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91a00650bd2fa2cf698fd696121566e3

Code Sign

75:05:c0:43:0d:96:a5:a5:41:e7:82:17:12:a4:8f:84Certificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

49:b0:2d:1b:16:dc:28:29:86:61:f7:b9:2a:e0:41:07:df:dd:51:fc:88:cc:38:3b:74:e3:91:59:32:f4:c0:8fSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

imm32

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 1.1MB - Virtual size: 1.1MB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 83KB - Virtual size: 878KB

75:05:c0:43:0d:96:a5:a5:41:e7:82:17:12:a4:8f:84
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

49:b0:2d:1b:16:dc:28:29:86:61:f7:b9:2a:e0:41:07:df:dd:51:fc:88:cc:38:3b:74:e3:91:59:32:f4:c0:8f
Signer

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 1.1MB - Virtual size: 1.1MB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 83KB - Virtual size: 878KB