87ab5f476d4351224d893e267cc30d3b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

87ab5f476d4351224d893e267cc30d3b_JaffaCakes118
Size

1.2MB
MD5

87ab5f476d4351224d893e267cc30d3b
SHA1

22e1fefd40bde744c165d316db26e88b5f4e6e70
SHA256

ca233059d5f7370dfdadf37d8f6b27ebf72ddaf6458613c2084b705727cf68ab
SHA512

7eb4776b09d586364d88ab1992133d9a0788c2c6c2e3ea4993ed061f4d25db9c7a3755a8add4775273193b953ca79ada4167d4a3671abbf728a4d0a61dd4e183
SSDEEP

24576:pnaaSYiqG1mIwV5eyX5VFGlzXXeYbi5wYHjJ+bfb:pnaDpqii5rXpGl7X4DJ+bD

Score

1^/10

Malware Config

Signatures

Files

87ab5f476d4351224d893e267cc30d3b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

26a5025313914b9b447a592e9526ef0c

Code Sign

5f:a7:6d:17:f4:12:66:96:48:53:73:d8:54:ed:fe:e7
Certificate

Issuer

CN=RIVVFIYD

Not Before

07-02-2019 09:50

Not After

31-12-2039 23:59

Subject

CN=RIVVFIYD

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

2f:6d:67:dc:07:a7:b0:b4:4f:90:9d:bb:13:f1:95:6b:a8:b0:28:00:ad:6b:55:7f:c0:ec:73:9d:42:01:c0:7d
Signer

Actual PE Digest

2f:6d:67:dc:07:a7:b0:b4:4f:90:9d:bb:13:f1:95:6b:a8:b0:28:00:ad:6b:55:7f:c0:ec:73:9d:42:01:c0:7d

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
ReadConsoleInputA
ReadFile
RemoveDirectoryW
RtlUnwind
SetCurrentDirectoryW
SetEvent
SetLastError
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TerminateThread
PeekConsoleInputA
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WriteConsoleInputA
WriteFile
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrlenW
LoadLibraryA
OutputDebugStringW
OpenEventW
MoveFileW
MultiByteToWideChar
LocalFree
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryExW
InterlockedExchange
InterlockedCompareExchange
HeapFree
HeapAlloc
IsDebuggerPresent
GetWindowsDirectoryW
GetVersionExW
GetVersionExA
GetTickCount
GetTempPathW
GetTempFileNameW
GetSystemTimeAsFileTime
GetSystemDirectoryW
GetStdHandle
GetStartupInfoA
GetProcessHeap
GetProcAddress
GetOverlappedResult
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetLastError
GetFileSize
GetDriveTypeW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
FreeLibrary
FormatMessageW
FormatMessageA
FlushConsoleInputBuffer
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
ExpandEnvironmentStringsW
ExitThread
EnumUILanguagesW
DeleteFileW
DecodePointer
CreateThread
CreateFileW
CreateEventA
CreateDirectoryW
CompareStringW
UnhandledExceptionFilter
CloseHandle

user32

GetKeyboardType
OpenIcon
GetCaretBlinkTime
IsGUIThread
GetCapture
AnyPopup
GetWindowDC
CharUpperW
GetShellWindow
GetMessagePos
GetListBoxInfo
GetSysColor
InSendMessage
CloseDesktop
EnumClipboardFormats
DestroyIcon
GetDC
LoadCursorFromFileA
CreateMenu
LoadCursorFromFileW
GetDlgCtrlID
IsCharLowerA
GetKBCodePage
GetKeyboardLayout
DestroyCursor
GetForegroundWindow
GetMenuContextHelpId
UnregisterClassW
TranslateMessage
SetForegroundWindow
SendMessageTimeoutW
RegisterClassW
PostThreadMessageW
PostQuitMessage
PostMessageW
LoadStringW
LoadIconW
LoadCursorW
GetSystemMetrics
GetMessageW
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyState
EnableWindow
DispatchMessageW
DestroyWindow
DefWindowProcW
CreateWindowExW
CharNextW
AttachThreadInput
ActivateKeyboardLayout
IsWindowEnabled

gdi32

CreateBrushIndirect
CreateSolidBrush
DeleteDC
DeleteObject
EndDoc
EndPage
ExtTextOutW
GetDeviceCaps
GetMapMode
GetObjectW
GetStockObject
GetTextExtentPoint32W
GetTextExtentPointW
GetTextMetricsW
LineTo
MoveToEx
PatBlt
SelectObject
SetBkColor
SetMapMode
SetTextAlign
SetTextColor
CreateCompatibleDC
SetViewportOrgEx
SetWindowExtEx
StartDocW
StartPage
UpdateColors
GetROP2
AddFontResourceA
GetColorSpace
CloseEnhMetaFile
GetSystemPaletteUse
GdiGetBatchLimit
GetGraphicsMode
GetBkMode
GetTextColor
AddFontResourceW
GetPolyFillMode
AbortPath
CreatePatternBrush
GetStretchBltMode
StrokePath
CreateMetaFileA
AbortDoc
CreateFontIndirectW
SetViewportExtEx
CreatePen
CreateFontW

advapi32

RegQueryValueExA
RegOpenKeyExW

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 882KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26a5025313914b9b447a592e9526ef0c

Code Sign

5f:a7:6d:17:f4:12:66:96:48:53:73:d8:54:ed:fe:e7Certificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

2f:6d:67:dc:07:a7:b0:b4:4f:90:9d:bb:13:f1:95:6b:a8:b0:28:00:ad:6b:55:7f:c0:ec:73:9d:42:01:c0:7dSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

imm32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 1.1MB - Virtual size: 1.1MB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 23KB - Virtual size: 882KB

5f:a7:6d:17:f4:12:66:96:48:53:73:d8:54:ed:fe:e7
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

2f:6d:67:dc:07:a7:b0:b4:4f:90:9d:bb:13:f1:95:6b:a8:b0:28:00:ad:6b:55:7f:c0:ec:73:9d:42:01:c0:7d
Signer

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 1.1MB - Virtual size: 1.1MB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 23KB - Virtual size: 882KB