6498b2f31956681b01b0378ffa9e80a4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6498b2f31956681b01b0378ffa9e80a4_JaffaCakes118
Size

3.9MB
MD5

6498b2f31956681b01b0378ffa9e80a4
SHA1

31da12d74e876f31dd267162cf10ce7cf62ef5da
SHA256

601deded2f213021c55776dbf28f6770d20b4a1aac42a042fa18979521752122
SHA512

8a2e8b8eeb20a466e3d525a2a0a471a6e16a8b6f1389dbd4657013e5829897f52ef12ab1e4d23c74821a11823892c1291aa70de9c70a756fddf246f658aa0c5b
SSDEEP

1536:IFrQaVDqBKUo9QHiHxxumcRRzokOz43Kni3KZjmn555PDXjwQxu:ybqwGiaWkOzrK555PDXjwQxu

Score

1^/10

Malware Config

Signatures

Files

6498b2f31956681b01b0378ffa9e80a4_JaffaCakes118
.exe windows:1 windows x86 arch:x86

d98a12b9187c1806b8abeaa72c221e24

Code Sign

4c:22:49:c0:5b:f4:34:95:4e:b1:aa:8a:eb:5c:9a:f9
Certificate

Issuer

CN=LHBRCFUDYIUKZOUSAL

Not Before

02/10/2020, 04:56

Not After

31/12/2039, 23:59

Subject

CN=LHBRCFUDYIUKZOUSAL

Extended Key Usages

ExtKeyUsageCodeSigning

be:bf:a3:91:6c:c2:88:43:69:12:52:12:b6:4e:70:93:66:15:e6:18
Signer

Actual PE Digest

be:bf:a3:91:6c:c2:88:43:69:12:52:12:b6:4e:70:93:66:15:e6:18

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
LoadLibraryA
GetProcAddress
GetModuleHandleA
VirtualAlloc
SetErrorMode
LockResource
LoadResource
FindResourceW
SetEvent
WaitForSingleObject
CreateEventW
FormatMessageW
GetSystemTime
GetFileType
GetConsoleMode
ReadConsoleW
AllocConsole
FreeConsole
WriteConsoleW
GetCurrentProcessId
LocalFree
CancelIo
ConnectNamedPipe
CreateNamedPipeW
GetOverlappedResult
ResetEvent
WaitForMultipleObjects
ExpandEnvironmentStringsW
GetCommandLineW
GetModuleFileNameW
SearchPathW
GetSystemTimeAsFileTime
QueryPerformanceCounter
FileTimeToSystemTime
QueryPerformanceFrequency
Sleep
SetEndOfFile
SetFilePointer
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFileAttributesW
GetFileAttributesExW
DeleteFileW
MoveFileW
CreateDirectoryW
RemoveDirectoryW
CompareStringW
LCMapStringW
GetComputerNameW
FreeLibrary
GetSystemDirectoryA
FindClose
FindFirstFileW
FindNextFileW
OutputDebugStringW
GetVersionExW
GetSystemDirectoryW
CreateProcessW
SetHandleInformation
FlushFileBuffers
GetHandleInformation
GetLocaleInfoW
GetUserDefaultLCID
LocalAlloc
SizeofResource
SystemTimeToTzSpecificLocalTime
GetDateFormatW
GetTimeFormatW
GetTimeZoneInformation
GetExitCodeProcess
ResumeThread
CreateThread
TerminateThread
GetCurrentThread
GetThreadTimes
ExitProcess
RtlUnwind
RaiseException
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
GetModuleFileNameA
InterlockedExchange
SetHandleCount
FatalAppExitA
InterlockedIncrement
InterlockedDecrement
SetConsoleCtrlHandler
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
GetTickCount
LCMapStringA
GetConsoleCP
CreateFileA
SetEnvironmentVariableA
SetEnvironmentVariableW
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
CompareStringA
MapViewOfFile
CreateFileMappingW
OpenProcess
GetCurrentProcess
DuplicateHandle
UnmapViewOfFile
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateFileW
GetFileInformationByHandle
CloseHandle
ReadFile
WriteFile
GlobalAlloc
GlobalFree
LoadLibraryW
GetCurrentThreadId
SetLastError
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
GetModuleHandleW
GlobalLock
GlobalUnlock
WideCharToMultiByte
MultiByteToWideChar
LeaveCriticalSection
GetStdHandle
GetSystemInfo
SetStdHandle
InterlockedCompareExchange
WaitForSingleObjectEx
CreateEventA
InterlockedExchangeAdd
PostQueuedCompletionStatus
InitializeCriticalSectionAndSpinCount
OpenEventA
SetWaitableTimer
SleepEx
CreateWaitableTimerW
DeviceIoControl
WTSGetActiveConsoleSessionId
GetSystemTimes
GetProcessTimes
FlushInstructionCache
GetProcessId
LoadLibraryExA
GetProcessShutdownParameters
SetProcessShutdownParameters
DecodePointer
ReleaseSemaphore
CreateSemaphoreA
FileTimeToLocalFileTime
SetThreadAffinityMask
SetThreadPriority
GetUserGeoID
GetGeoInfoW
VerSetConditionMask
VerifyVersionInfoW
ProcessIdToSessionId
RegisterWaitForSingleObject
UnregisterWaitEx
LoadLibraryExW
SetDllDirectoryW
HeapSetInformation
CreateIoCompletionPort
QueueUserAPC
GetQueuedCompletionStatus
SetFilePointerEx
ReleaseMutex
CreateMutexW
OpenMutexW
GetFileSize
GetLocalTime
SystemTimeToFileTime
GetPrivateProfileStringW
GetTempPathW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalMemoryStatusEx
SetFileAttributesW
lstrcmpiW
SetThreadExecutionState
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
IsProcessorFeaturePresent
FormatMessageA
GetFullPathNameW
SetFileTime
CopyFileW
AreFileApisANSI
WaitForMultipleObjectsEx
GetLogicalProcessorInformation
CreateWaitableTimerA
ExitThread
CreateTimerQueue
SignalObjectAndWait
SwitchToThread
GetThreadPriority
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
UnregisterWait
GetStartupInfoW
CreateSemaphoreW
EnumSystemLocalesW
GetModuleHandleExW
FreeLibraryAndExitThread
VirtualProtect
InterlockedFlushSList
QueryDepthSList
GetPrivateProfileIntW
GetPrivateProfileSectionW
WritePrivateProfileStringW
CreateFileMappingA
OpenFileMappingA
MapViewOfFileEx
OpenEventW
GetExitCodeThread
GetTempFileNameW
FindFirstFileExW
GetDriveTypeW
PeekNamedPipe
LocalFileTimeToFileTime

user32

GetDesktopWindow
WindowFromPoint
FindWindowW
MonitorFromRect
GetWindowLongW
SetWindowPos
SendMessageW
InvalidateRect
UpdateWindow
WaitForInputIdle
UnregisterClassA
LoadStringW
PostMessageW
RegisterWindowMessageW
DefWindowProcW
SetWindowLongW
CallWindowProcW
GetAncestor
GetWindow
GetWindowInfo
GetShellWindow
IsWindow
IsWindowVisible
IsDialogMessageW
GetWindowRect
KillTimer
SetTimer
GetCursorPos
PtInRect
RegisterClassExW
GetClassInfoExW
LoadCursorW
CreateWindowExW
GetClientRect
GetParent
AllowSetForegroundWindow
EnumDisplaySettingsW
GetMonitorInfoW
MonitorFromPoint
GetActiveWindow
GetWindowThreadProcessId
MessageBoxW
ExitWindowsEx
CharNextW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
DestroyWindow
FindWindowExW
SendMessageTimeoutW
GetWindowTextW
GetDC
ReleaseDC
CopyRect
SetCursor
OffsetRect
keybd_event
GetKeyboardState
ShowWindow
SetFocus
AttachThreadInput
SetForegroundWindow
SetActiveWindow
GetWindowPlacement
SetRect
EnableWindow
IsWindowEnabled
UpdateLayeredWindow
ClientToScreen
GetMessagePos
ScreenToClient
GetClassLongW
SetClassLongW
DrawTextW
SetRectEmpty
SetWindowTextW
PostQuitMessage
DestroyIcon
GetSystemMetrics
LoadImageW
SwitchToThisWindow
OpenInputDesktop
CloseDesktop
MapWindowPoints
MonitorFromWindow
SystemParametersInfoW
GetForegroundWindow

gdi32

GetEnhMetaFileW

advapi32

GetUserNameA
RegQueryValueExW
InitializeAcl
AddAce
GetAce
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetFileSecurityA
RegOpenKeyA
RegEnumKeyA
OpenSCManagerA
CloseServiceHandle
RegDeleteKeyA
LookupAccountNameA
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
GetFileSecurityA
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
RegCloseKey
GetLengthSid

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.te2xt
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata2
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 879KB - Virtual size: 879KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d98a12b9187c1806b8abeaa72c221e24

Code Sign

4c:22:49:c0:5b:f4:34:95:4e:b1:aa:8a:eb:5c:9a:f9Certificate

Extended Key Usages

be:bf:a3:91:6c:c2:88:43:69:12:52:12:b6:4e:70:93:66:15:e6:18Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 4KB - Virtual size: 4KB

.te2xt Size: 512B - Virtual size: 300B

.rdata2 Size: 3.0MB - Virtual size: 3.0MB

.rdata Size: 879KB - Virtual size: 879KB

.data Size: 10KB - Virtual size: 11KB

.rsrc Size: 1024B - Virtual size: 1016B

4c:22:49:c0:5b:f4:34:95:4e:b1:aa:8a:eb:5c:9a:f9
Certificate

be:bf:a3:91:6c:c2:88:43:69:12:52:12:b6:4e:70:93:66:15:e6:18
Signer

.text
Size: 4KB - Virtual size: 4KB

.te2xt
Size: 512B - Virtual size: 300B

.rdata2
Size: 3.0MB - Virtual size: 3.0MB

.rdata
Size: 879KB - Virtual size: 879KB

.data
Size: 10KB - Virtual size: 11KB

.rsrc
Size: 1024B - Virtual size: 1016B