69d9e7695bd55d98597807b040bffb20_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

69d9e7695bd55d98597807b040bffb20_JaffaCakes118
Size

3.2MB
MD5

69d9e7695bd55d98597807b040bffb20
SHA1

d3da91c8638ced699b7df081386da8a46d97363e
SHA256

a22a2bc36c47d9ba531a976925a4eab7927605a76b26385dd83f3d827a4c6873
SHA512

4aa05480f53eb8a4b7bf47836ddd83b4fe5d8fa53ec078576571d7a02effbc2022e68594f687c3a0619f72411eaa85f1bcb97a16cdf717007ae6d5e37b0e5f18
SSDEEP

49152:0Se2nc8/0NTqylSqbyiIoy5NxT0F1CkjM+XCYlG:Ne2ncwylJby/zCHCkBX10

Score

1^/10

Malware Config

Signatures

Files

69d9e7695bd55d98597807b040bffb20_JaffaCakes118
.iso
out.iso
.iso
chit na rust -3bd504.exe
.exe windows:4 windows x86 arch:x86

46757a690761a4db7aa5d3259992d2c2

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4e:38:75:ea:92:7d:05:a7:7d:c8:58:4b:0d:2f:36
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/07/2018, 00:00

Not After

31/12/2019, 12:00

Subject

SERIALNUMBER=199911710082,CN=FinePrint Software\, LLC,O=FinePrint Software\, LLC,L=Brookline,ST=Massachusetts,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130a43616c69666f726e6961,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:4d:05:4f:d8:a8:d2:6a:69:3f:d2:2b:b0:36:31:7c
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/07/2018, 00:00

Not After

30/07/2021, 12:00

Subject

SERIALNUMBER=199911710082,CN=FinePrint Software\, LLC,O=FinePrint Software\, LLC,L=Brookline,ST=Massachusetts,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130a43616c69666f726e6961,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

83:17:6a:14:ff:4a:62:4e:fd:8f:43:f9:65:30:58:f8:35:5a:c5:e0:5f:90:b6:f0:9f:c5:65:fa:3e:9b:e8:fd
Signer

Actual PE Digest

83:17:6a:14:ff:4a:62:4e:fd:8f:43:f9:65:30:58:f8:35:5a:c5:e0:5f:90:b6:f0:9f:c5:65:fa:3e:9b:e8:fd

Digest Algorithm

sha256

PE Digest Matches

false

7f:4a:21:5e:55:e9:3b:6c:a4:1f:ca:27:5d:7a:57:a5:5f:0b:3b:a8
Signer

Actual PE Digest

7f:4a:21:5e:55:e9:3b:6c:a4:1f:ca:27:5d:7a:57:a5:5f:0b:3b:a8

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WriteFile
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
FlushInstructionCache
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCPInfo
TerminateProcess
GetProcAddress
GetStartupInfoA
GetModuleHandleA
RtlUnwind
CreateMutexA
FindFirstFileW
FoldStringA
FlushViewOfFile
RemoveDirectoryA
DeleteCriticalSection
FindAtomW
FileTimeToSystemTime
DuplicateHandle
FindAtomA
LCMapStringW
HeapAlloc
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
CreateFileA
DeviceIoControl
ExitProcess
GetModuleHandleW
LoadLibraryA
FreeLibrary
GetACP
GetLastError
GetOEMCP
GetVersion
GetCommandLineA
GetAtomNameA
GetAtomNameW
FreeResource
GenerateConsoleCtrlEvent
FileTimeToLocalFileTime
FormatMessageW
FindFirstFileA
GetCurrentProcess
DisconnectNamedPipe
OpenProcess
FlushConsoleInputBuffer
CreateFileMappingA
FoldStringW
FreeConsole
FormatMessageA
FreeLibraryAndExitThread
EnumResourceTypesA
GetQueuedCompletionStatus
FindNextFileA
FindNextFileW
VirtualProtect
FileTimeToDosDateTime
FlushFileBuffers
EnumSystemCodePagesA
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
QueryPerformanceCounter
LoadLibraryExW
GetTickCount
GetModuleFileNameA
GetEnvironmentStrings
GetVersionExA

user32

MessageBoxW
GetSystemMetrics
SetCursor
DeleteMenu
GetSysColor
DlgDirListA
IsWindowEnabled
DestroyCursor
GetClassNameA
DialogBoxParamW
TrackPopupMenu
DlgDirSelectComboBoxExW
DestroyCaret
DlgDirListW
DestroyIcon
DlgDirSelectComboBoxExA
DispatchMessageW
DlgDirListComboBoxA
GetClientRect
CreateWindowExA
DefFrameProcA
SetWindowLongA
DefWindowProcA
LoadStringA
DestroyMenu
DlgDirListComboBoxW
GetParent
DialogBoxParamA
DestroyWindow
TranslateMessage
DispatchMessageA
DeferWindowPos
DlgDirSelectExA
DlgDirSelectExW
GetWindowDC
ReleaseDC

gdi32

FlattenPath
ExtFloodFill
CombineRgn
GetBoundsRect
CreateBitmapIndirect
FixBrushOrgEx
ExtTextOutA
CreateFontIndirectA
GetCharABCWidthsA
EnumFontFamiliesExA
FillRgn
DeleteObject
ExtEscape
CreateCompatibleBitmap
GetArcDirection
ExtSelectClipRgn
FrameRgn
GetBitmapBits
CreateFontA
ExtTextOutW
DeleteDC
GetBitmapDimensionEx
EnumFontsA
GetCharABCWidthsFloatA
GetCharABCWidthsFloatW
GetCharWidth32A
GetCharWidth32W
CreateDCA

advapi32

RegCreateKeyExA
DeregisterEventSource
RegQueryValueW
CreateServiceW
LookupAccountNameW
CreateServiceA
CreateProcessAsUserW
RegSetValueExA
CreateProcessAsUserA
RegQueryValueExA
InitializeSid
IsValidSid
CreatePrivateObjectSecurity
LookupPrivilegeNameA
AddAce
AreAllAccessesGranted
DestroyPrivateObjectSecurity
CopySid
AddAccessDeniedAce
RegDeleteValueW
DuplicateToken
RegEnumKeyExA
RegQueryInfoKeyA
EqualSid
RegEnumValueA
RegEnumValueW
RegCloseKey
CreateRestrictedToken
RegDeleteKeyA
AddAccessAllowedAce
ClearEventLogA
OpenEventLogA
RegOpenKeyExW

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.N4f127
Size: 16KB - Virtual size: 30.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.O4f128
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 776KB - Virtual size: 772KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46757a690761a4db7aa5d3259992d2c2

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate

Key Usages

0c:4e:38:75:ea:92:7d:05:a7:7d:c8:58:4b:0d:2f:36Certificate

Extended Key Usages

Key Usages

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate

Extended Key Usages

Key Usages

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06Certificate

Extended Key Usages

Key Usages

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate

Extended Key Usages

Key Usages

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate

Key Usages

07:4d:05:4f:d8:a8:d2:6a:69:3f:d2:2b:b0:36:31:7cCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6dCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

83:17:6a:14:ff:4a:62:4e:fd:8f:43:f9:65:30:58:f8:35:5a:c5:e0:5f:90:b6:f0:9f:c5:65:fa:3e:9b:e8:fdSigner

7f:4a:21:5e:55:e9:3b:6c:a4:1f:ca:27:5d:7a:57:a5:5f:0b:3b:a8Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 8KB - Virtual size: 5KB

.N4f127 Size: 16KB - Virtual size: 30.0MB

.O4f128 Size: 8KB - Virtual size: 4KB

.rsrc Size: 776KB - Virtual size: 772KB

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

0c:4e:38:75:ea:92:7d:05:a7:7d:c8:58:4b:0d:2f:36
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

07:4d:05:4f:d8:a8:d2:6a:69:3f:d2:2b:b0:36:31:7c
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

83:17:6a:14:ff:4a:62:4e:fd:8f:43:f9:65:30:58:f8:35:5a:c5:e0:5f:90:b6:f0:9f:c5:65:fa:3e:9b:e8:fd
Signer

7f:4a:21:5e:55:e9:3b:6c:a4:1f:ca:27:5d:7a:57:a5:5f:0b:3b:a8
Signer

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 8KB - Virtual size: 5KB

.N4f127
Size: 16KB - Virtual size: 30.0MB

.O4f128
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 776KB - Virtual size: 772KB