7b091d36b24c1b33e3a10ff59421d989_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7b091d36b24c1b33e3a10ff59421d989_JaffaCakes118
Size

12.2MB
MD5

7b091d36b24c1b33e3a10ff59421d989
SHA1

d139399e2ccf052e2c5a4c3ff821cf41efcaacb3
SHA256

d7e3ec034b2453f8c332634be4d0dc22fb133ab8d75a72d05fd16881f76cf2ef
SHA512

8a84e5d36623075efa2925c67b4ca1574bc8fb19d26d03944b1c6014af10fc2391e6aa8c22dace12ee0f53f86c4908117baf6d54e5fb925fe879213784176ddf
SSDEEP

196608:Md+5boxGEzRmVQYa8332DAhcZvZdrkBAfe5ZtubUtBvk0NqThkRC41AaObQw5Ai:MsE3U33KdZfXwtNNqqLOb7

Score

1^/10

Malware Config

Signatures

Files

7b091d36b24c1b33e3a10ff59421d989_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7dfd11f084dd6732e2f6663bef37eda6

Code Sign

61:20:4d:b4:00:00:00:00:00:27
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-04-2011 19:45

Not After

15-04-2021 19:55

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:56:a4:b2:46:57:5b:b6:65:e8:5b:66:f2:01:00:1c
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

21-08-2018 00:00

Not After

28-08-2019 12:00

Subject

SERIALNUMBER=91420100MA4KMCYCXJ,CN=武汉文网亿联科技有限公司,O=武汉文网亿联科技有限公司,L=武汉市,ST=湖北省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c1ee6ada6e6b189e4b89ce6b996e696b0e68a80e69cafe5bc80e58f91e58cba,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b996e58c97e79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18-04-2012 12:00

Not After

18-04-2027 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

04:36:d2:7d:25:94:1b:de:6f:e6:f1:d7:62:26:de:e1:5f:10:2b:e6:c9:78:71:36:d4:f0:6c:06:16:05:bc:62
Signer

Actual PE Digest

04:36:d2:7d:25:94:1b:de:6f:e6:f1:d7:62:26:de:e1:5f:10:2b:e6:c9:78:71:36:d4:f0:6c:06:16:05:bc:62

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\workspace\accelerate\acc_setup\acc_setup\Bin\acc_setup.pdb

Imports

kernel32

InitializeCriticalSectionAndSpinCount
GetModuleHandleW
OutputDebugStringW
GetDriveTypeW
GetDiskFreeSpaceExW
GetCurrentDirectoryW
GlobalFree
GlobalAlloc
lstrcmpA
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryW
GetVersionExW
DeviceIoControl
ReadFile
FindClose
FindFirstFileW
WriteConsoleW
DeleteFileW
FreeResource
CreateFileW
GetCommandLineW
GetTempPathW
MultiByteToWideChar
TerminateProcess
OpenProcess
Process32NextW
DecodePointer
CreateToolhelp32Snapshot
CreateProcessW
CreateThread
GetLocalTime
RaiseException
lstrcmpiW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
Sleep
WaitForSingleObject
SetLastError
GetModuleFileNameW
ReleaseMutex
CloseHandle
GetLastError
CreateMutexW
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
FlushFileBuffers
GetConsoleCP
GetOEMCP
IsValidCodePage
ReadConsoleW
GetConsoleMode
SetFilePointerEx
UnregisterWaitEx
InitializeSListHead
FreeLibraryAndExitThread
GetThreadTimes
VirtualProtect
DeleteCriticalSection
lstrlenW
Process32FirstW
ExitProcess
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
HeapSize
HeapDestroy
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
DuplicateHandle
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetSystemTimeAsFileTime
GetStringTypeW
EncodePointer
MulDiv
InterlockedIncrement
InterlockedDecrement
lstrlenA
FormatMessageW
LocalFree
GetACP
GetTickCount
DebugBreak
FindResourceA
GlobalLock
GlobalUnlock
GetFileAttributesW
CopyFileW
GetCurrentProcessId
DosDateTimeToFileTime
SetFilePointer
SystemTimeToFileTime
CreateDirectoryW
SetFileTime
WriteFile
GetFileType
GetFileSize
lstrcmpW
GetDateFormatW
MoveFileExW
SetFileAttributesW
LocalFileTimeToFileTime
VirtualAlloc
VirtualFree
GetSystemInfo
FileTimeToDosDateTime
FileTimeToLocalFileTime
InitializeCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
CreateEventW
CreateSemaphoreW
QueryPerformanceCounter
WaitForMultipleObjects
SetEndOfFile
GetModuleHandleA
WritePrivateProfileStringW
SetThreadPriority
GetPrivateProfileIntW
OutputDebugStringA
GetModuleHandleExW
FreeConsole
AllocConsole
GetStdHandle
SetConsoleTextAttribute
IsProcessorFeaturePresent
GetCPInfo
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
ExitThread
LoadLibraryExW
CreateTimerQueue
WaitForSingleObjectEx
SignalObjectAndWait
SwitchToThread
GetThreadPriority

user32

GetWindowLongW
GetWindow
EnableWindow
SetFocus
GetWindowRect
GetMonitorInfoW
MonitorFromWindow
LoadImageW
LoadCursorW
RegisterClassW
GetClientRect
InvalidateRect
MapWindowPoints
PtInRect
GetCapture
ClientToScreen
ReleaseCapture
IntersectRect
OffsetRect
IsRectEmpty
UnionRect
SetRect
SetRectEmpty
EqualRect
SetCursor
GetDC
IsWindowEnabled
GetKeyState
ScreenToClient
DestroyWindow
SetTimer
KillTimer
IsWindowVisible
GetCursorPos
IsIconic
GetFocus
GetClassNameW
GetPropW
SetCapture
ReleaseDC
CharNextW
GetDesktopWindow
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
SystemParametersInfoW
GetWindowDC
DrawTextW
LoadBitmapW
FillRect
GetIconInfo
DestroyIcon
CharPrevW
CreateCaret
HideCaret
ShowCaret
GetSysColor
GetCaretPos
SetCaretPos
CharUpperW
CharPrevExA
GetParent
IsWindow
CreateWindowExW
FindWindowW
GetWindowPlacement
SetWindowPlacement
SetWindowPos
SetForegroundWindow
LoadStringW
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
LoadIconW
SendMessageW
SetWindowTextW
UpdateWindow
DefWindowProcW
BeginPaint
EndPaint
PostQuitMessage
wvsprintfW
wsprintfW
PostMessageW
ShowWindow
MessageBoxW
CopyRect

advapi32

RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegEnumKeyExW

shell32

SHGetSpecialFolderPathW
SHCreateDirectoryExW
SHGetPathFromIDListW
SHChangeNotify
ShellExecuteW
SHBrowseForFolderW
SHFileOperationW

ole32

CoInitialize
OleRun
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
VariantCopy
VariantChangeType
GetErrorInfo

shlwapi

PathAppendW
SHCreateStreamOnFileEx
PathAddBackslashW
PathFindFileNameW
PathFileExistsW
PathFindExtensionW
PathRemoveFileSpecW
UrlUnescapeW
SHDeleteKeyW
SHSetValueW
PathIsDirectoryW

gdiplus

GdipFree
GdipDeleteBrush
GdipCreateLineBrushFromRectI
GdipAlloc
GdipDeletePath
GdipCreatePath
GdipCloneBrush
GdipAddPathRectangleI
GdipReleaseDC
GdipGetDC
GdipPathIterNextSubpathPath
GdipGetPointCount
GdipAddPathEllipseI
GdipSetPathFillMode
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipCreateSolidFill
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipBitmapSetPixel
GdipCreateBitmapFromHICON
GdipFillPath
GdipAddPathArcI
GdipGetPathData
GdipFlattenPath
GdipCreateBitmapFromScan0
GdipCloneImage
GdipDisposeImage
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipSetPixelOffsetMode
GdipDrawImageRectRectI
GdiplusStartup
GdiplusShutdown
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipSetTextRenderingHint
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCreateLineBrushI
GdipDrawString
GdipDrawImageRect
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipGetImageRawFormat
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipGetImageWidth
GdipGetImageHeight
GdipGetImageGraphicsContext
GdipImageSelectActiveFrame
GdipDrawImageRectI
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipDrawImageI
GdipClonePath
GdipCreatePathIter
GdipDeletePathIter
GdipPathIterGetSubpathCount

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

iphlpapi

GetAdaptersInfo
GetIpNetTable

netapi32

Netbios

ws2_32

inet_ntoa

wininet

InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetCloseHandle
InternetSetOptionW

urlmon

UrlMkGetSessionOption

comctl32

ord17

msimg32

AlphaBlend
GradientFill

gdi32

CreateFontIndirectW
SaveDC
RestoreDC
SetWindowOrgEx
GetTextMetricsW
SetBkColor
ExtTextOutW
GetDeviceCaps
GetViewportOrgEx
BitBlt
SelectClipRgn
OffsetViewportOrgEx
GetObjectA
SetStretchBltMode
StretchBlt
SetTextColor
CreatePatternBrush
GetBrushOrgEx
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
GetDIBits
CreateDCW
GetObjectW
CreateDIBSection
SetViewportOrgEx
DeleteObject
Rectangle
CreatePen
GetStockObject
SelectObject
CreateRectRgn
SetBrushOrgEx
SetBkMode
CreatePenIndirect
MoveToEx
LineTo
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
RoundRect
GetCharABCWidthsW
GetTextExtentPoint32W
TextOutW

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 255KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10.8MB - Virtual size: 10.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7dfd11f084dd6732e2f6663bef37eda6

Code Sign

61:20:4d:b4:00:00:00:00:00:27Certificate

Key Usages

0a:56:a4:b2:46:57:5b:b6:65:e8:5b:66:f2:01:00:1cCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0bCertificate

Extended Key Usages

Key Usages

04:36:d2:7d:25:94:1b:de:6f:e6:f1:d7:62:26:de:e1:5f:10:2b:e6:c9:78:71:36:d4:f0:6c:06:16:05:bc:62Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

version

iphlpapi

netapi32

ws2_32

wininet

urlmon

comctl32

msimg32

gdi32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 255KB - Virtual size: 255KB

.data Size: 21KB - Virtual size: 73KB

.rsrc Size: 10.8MB - Virtual size: 10.8MB

.reloc Size: 61KB - Virtual size: 61KB

61:20:4d:b4:00:00:00:00:00:27
Certificate

0a:56:a4:b2:46:57:5b:b6:65:e8:5b:66:f2:01:00:1c
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

04:36:d2:7d:25:94:1b:de:6f:e6:f1:d7:62:26:de:e1:5f:10:2b:e6:c9:78:71:36:d4:f0:6c:06:16:05:bc:62
Signer

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 255KB - Virtual size: 255KB

.data
Size: 21KB - Virtual size: 73KB

.rsrc
Size: 10.8MB - Virtual size: 10.8MB

.reloc
Size: 61KB - Virtual size: 61KB