68252f545426cac3a4f35564477200ea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

68252f545426cac3a4f35564477200ea_JaffaCakes118
Size

4.0MB
MD5

68252f545426cac3a4f35564477200ea
SHA1

6ed04abd83495e83f666303ef6e438a58e4a97d1
SHA256

0ec62d78f3a8698204b900b976eb4dc1b313b85adee80b1cffe22f33b2e89e7b
SHA512

9b2c7f907543b99db32d38654f30d40cb4a9eb70cc5e0bbe6733177ec715def2c2916014e04dbad1e13de30e4a697f78116a837fead5023b04627ae1304995c8
SSDEEP

3072:p9+afVOLnj+VrBGuf2ufdZt5Guf2ufdZNaq8v8xPohYkQr0jeLwJr95rJorNAzyE:TVOLnaVrOv8xEYQqLwhHrWGOP+5VTf

Score

1^/10

Malware Config

Signatures

Files

68252f545426cac3a4f35564477200ea_JaffaCakes118
.exe windows:5 windows x86 arch:x86

caab328bbf1ebc908a329a1634676a04

Code Sign

2a:29:7b:e3:e5:4f:d3:98:41:d6:81:ae:99:cb:7a:f0
Certificate

Issuer

CN=NQKGVEOGCWTGEJEQWX

Not Before

12/09/2020, 17:38

Not After

31/12/2039, 23:59

Subject

CN=NQKGVEOGCWTGEJEQWX

Extended Key Usages

ExtKeyUsageCodeSigning

1f:a0:89:27:52:89:dd:c7:79:ea:c2:c2:b0:e4:18:e2:55:96:66:86
Signer

Actual PE Digest

1f:a0:89:27:52:89:dd:c7:79:ea:c2:c2:b0:e4:18:e2:55:96:66:86

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
GetLastError
VirtualAlloc
SetErrorMode
GetModuleHandleA
CreateFileW
GetWindowsDirectoryW
TerminateProcess
DeleteCriticalSection
HeapSetInformation
InitializeCriticalSection
LoadLibraryW
GetVersionExW
GetModuleHandleW
IsWow64Process
GetCurrentProcess
RaiseException
GetSystemDefaultLCID
GetUserDefaultLCID
GetFileTime
GetCommandLineW
LocalAlloc
ExpandEnvironmentStringsW
CreateProcessW
LocalFree
lstrlenW
SetDllDirectoryW
SetLastError
CloseHandle
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
SearchPathW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
UnmapViewOfFile
FreeLibrary
GetLocaleInfoW
CreateFileMappingW
MapViewOfFile
LoadLibraryExW
LoadResource
FindResourceExW
UnhandledExceptionFilter
GetSystemTimeAsFileTime
ReleaseMutex
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
VerifyVersionInfoW
GetCurrentDirectoryW
GetModuleFileNameW
VerSetConditionMask
SetThreadLocale
LocalFlags
GetPrivateProfileIntW
GetMailslotInfo
FindResourceExA
SetPriorityClass
InterlockedIncrement
InterlockedDecrement
CreateTimerQueue
DeleteTimerQueueEx
DeleteTimerQueueTimer
SetEvent
WaitForSingleObject
TerminateThread
lstrcmpiW
CreateTimerQueueTimer
MultiByteToWideChar
SizeofResource
FindResourceW
FlushInstructionCache
CreateEventW
CreateThread
WaitForMultipleObjects
GetSystemWindowsDirectoryW
TlsAlloc
TlsFree
SystemTimeToFileTime
GetSystemTime
GetFileSize
ReadFile
WriteFile
GetFileAttributesW
SetFilePointer
RtlUnwind
OutputDebugStringA
VirtualFree
HeapAlloc
GetProcessHeap
HeapFree
WideCharToMultiByte
GetVersionExA

user32

CharNextW
SendMessageTimeoutW
IsWindowVisible
IsWindowEnabled
AllowSetForegroundWindow
GetWindowThreadProcessId
FindWindowExW
MessageBoxW
LoadStringW
SetMenuContextHelpId
CharUpperW
GetClipboardFormatNameA
ShowWindow
GetForegroundWindow
IsCharUpperW
MoveWindow
SendMessageCallbackW
UnhookWindowsHook
ShowCursor
ShowScrollBar
GetMenuBarInfo
ReleaseDC
GetDC
GetMenuItemID
RedrawWindow
DestroyCaret
GetClientRect
DrawAnimatedRects
SetMenu
IMPGetIMEA
VkKeyScanA
GetClassWord
FreeDDElParam
SendMessageTimeoutA
GetDlgItemTextA
GetPropA
CharLowerW
keybd_event
ScrollWindow
RegisterClassW
LoadCursorFromFileA
ExcludeUpdateRgn
ChangeMenuW
LoadImageA
GetUserObjectInformationA
GetWindowLongW
CreateDialogParamW
CharToOemBuffA
SetUserObjectInformationW
FindWindowW
SetClassLongA
LoadCursorA
wsprintfW
ChangeDisplaySettingsA
SendMessageW
DestroyWindow
PostThreadMessageW
DispatchMessageW
TranslateMessage
GetMessageW
SetWindowLongW
GetClassInfoExW
LoadCursorW
RegisterClassExW
CreateWindowExW
PostQuitMessage
GetMenuItemInfoW
TrackPopupMenuEx
SetForegroundWindow
GetCursorPos
LoadIconW
RemoveMenu
GetMenuItemCount
DestroyMenu
EndMenu
EnableMenuItem
DefWindowProcW
CallWindowProcW
InsertMenuItemW
CreatePopupMenu
UnregisterClassW
UnregisterClassA

gdi32

GetEnhMetaFileW
GetFontUnicodeRanges
CreateFontW
GetMetaFileBitsEx
PolyDraw
EngCreatePalette
PathToRegion
CreateICA
GetCharWidthInfo
GdiConvertEnhMetaFile
CloseEnhMetaFile
GdiIsMetaFileDC
EndPage
CreateICW
STROBJ_bEnumPositionsOnly
CloseFigure
EngTransparentBlt
FlattenPath
GdiGetLocalFont
GetCharacterPlacementW
CombineRgn
ExtTextOutW
XLATEOBJ_iXlate
SetWindowExtEx
GetTextExtentExPointWPri
STROBJ_bGetAdvanceWidths
GetGlyphOutlineW
AnimatePalette
SetICMProfileA
GetTextColor
EngAlphaBlend

advapi32

GetUserNameA
RegQueryValueExW
TraceEvent
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
UnregisterTraceGuids
RegisterTraceGuidsW
RegCloseKey
RegOpenKeyExW
TraceMessage
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteKeyW

shell32

CommandLineToArgvW
Shell_NotifyIcon
SHGetSettings
SHGetSpecialFolderPathA
DoEnvironmentSubstA
SHCreateDirectoryExA
SHFormatDrive
SHGetDiskFreeSpaceA
SHGetDesktopFolder
SHGetDataFromIDListA
SHGetMalloc
Shell_NotifyIconW
ShellExecuteW

ole32

CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoInitializeEx
CoSuspendClassObjects
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
CoResumeClassObjects

shlwapi

PathCombineW
UrlCanonicalizeW
PathIsURLW
SHGetValueW
SHSetValueW
SHRegGetValueW
PathRemoveFileSpecW
PathAppendW
PathQuoteSpacesW
UrlCreateFromPathW
UrlApplySchemeW
SHEnumValueW
StrStrW
PathFindFileNameW
StrChrIW
StrStrIA
StrChrIA

msvcrt

_onexit
_lock
__dllonexit
_unlock
_controlfp
memcpy
bsearch
_vsnwprintf
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
wcsncmp
iswspace
memset
_wcsnicmp
_wcsicmp
_wcslwr
_errno
__CxxFrameHandler
_purecall
calloc
_CxxThrowException
free
malloc
realloc
memmove
towlower
_wtol
toupper
mbtowc
__mb_cur_max
isleadbyte
_iob
_snprintf
_itoa
ferror
__badioinfo
__pioinfo
_fileno
_lseeki64
_write
_isatty

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.te2xt
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata2
Size: 1024B - Virtual size: 555B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

caab328bbf1ebc908a329a1634676a04

Code Sign

2a:29:7b:e3:e5:4f:d3:98:41:d6:81:ae:99:cb:7a:f0Certificate

Extended Key Usages

1f:a0:89:27:52:89:dd:c7:79:ea:c2:c2:b0:e4:18:e2:55:96:66:86Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

msvcrt

Sections

.text Size: 2KB - Virtual size: 2KB

.te2xt Size: 512B - Virtual size: 300B

.rdata Size: 3.9MB - Virtual size: 3.9MB

.rdata2 Size: 1024B - Virtual size: 555B

.data Size: 9KB - Virtual size: 9KB

.rsrc Size: 150KB - Virtual size: 150KB

2a:29:7b:e3:e5:4f:d3:98:41:d6:81:ae:99:cb:7a:f0
Certificate

1f:a0:89:27:52:89:dd:c7:79:ea:c2:c2:b0:e4:18:e2:55:96:66:86
Signer

.text
Size: 2KB - Virtual size: 2KB

.te2xt
Size: 512B - Virtual size: 300B

.rdata
Size: 3.9MB - Virtual size: 3.9MB

.rdata2
Size: 1024B - Virtual size: 555B

.data
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 150KB - Virtual size: 150KB