8cb32eab15ed5661075318d9c4d0161f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8cb32eab15ed5661075318d9c4d0161f_JaffaCakes118
Size

2.1MB
MD5

8cb32eab15ed5661075318d9c4d0161f
SHA1

5c18855758ae58866df7e012b87ed7ca9e93f230
SHA256

b9fb9e16f751b081153fb5b9e7be60b058c753a0412dbb97568b842d7255b841
SHA512

5c457685dbe46e5adb3b0788ce89e7705b957038685246d0a79b0daae5b515382bdd5122993a3951e6c20ebf4e8c367edb43fdcdcc50cdeeb6987aff3aae2e6f
SSDEEP

49152:uKO1WgnfFqiinwUyP0plFLzz7TBs4lhC3Vlw9kZctvf+1vTGvsAw75:RaxdqiiwUJxzz7TBjlhCFa9kZctvf+9

Score

1^/10

Malware Config

Signatures

Files

8cb32eab15ed5661075318d9c4d0161f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ff33cda265e4b9b893c7c5d8ad17c246

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

07-11-2021 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:7f:14:0f:fd:30:01:d3:ca:56:1d:37:c4:50:20:89
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

13-06-2016 00:00

Not After

20-09-2018 23:59

Subject

CN=NetEase Youdao Information Technology (Beijing) Co.\,Ltd.,OU=Product Dept.,O=NetEase Youdao Information Technology (Beijing) Co.\,Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\TeamCity\workspace\YDProject\dict-pc\src\bin\Release\YoudaoIE.pdb

Imports

kernel32

SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
GetStringTypeW
GetACP
ExitProcess
FindFirstFileExW
GetOEMCP
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
QueryPerformanceFrequency
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineA
RtlUnwind
OutputDebugStringW
FindNextFileW
GetStdHandle
IsValidCodePage
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
FindResourceExW
Sleep
GetProfileIntW
SearchPathW
GetWindowsDirectoryW
GetTempPathW
SystemTimeToTzSpecificLocalTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
GetTempFileNameW
GetFileTime
GetFileAttributesW
VirtualProtect
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
VerifyVersionInfoW
VerSetConditionMask
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
GetThreadLocale
FileTimeToSystemTime
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalGetAtomNameW
GlobalFindAtomW
LoadLibraryA
GetSystemDirectoryW
EncodePointer
GlobalAddAtomW
ResumeThread
SetThreadPriority
CreateEventW
LoadLibraryW
GetModuleHandleA
OutputDebugStringA
FreeResource
GetCurrentProcessId
GetTickCount
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetProcAddress
GetModuleHandleW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetModuleFileNameW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
MultiByteToWideChar
InterlockedExchangeAdd
WideCharToMultiByte
SetLastError
CopyFileW
FormatMessageW
MulDiv
GlobalUnlock
GlobalLock
GlobalSize
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree
WaitForSingleObject
SetEvent
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
OpenEventW
OpenProcess
CloseHandle
GlobalFree
lstrcpyW
GlobalAlloc
LocalFree
GetCommandLineW
FindResourceW
LoadResource
LockResource
SizeofResource
GetFileType

user32

UnpackDDElParam
LoadImageW
DestroyIcon
IntersectRect
SetRectEmpty
InsertMenuItemW
DestroyMenu
CreatePopupMenu
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
SystemParametersInfoW
LoadCursorW
IsRectEmpty
OffsetRect
SetWindowRgn
DrawIcon
GetSystemMetrics
KillTimer
ReleaseCapture
SetCapture
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
ReuseDDElParam
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetDlgCtrlID
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
UpdateLayeredWindow
GetMessageTime
GetMessagePos
RegisterWindowMessageW
SetCursor
ShowOwnedPopups
ValidateRect
GetKeyState
IsWindowVisible
PeekMessageW
EnableScrollBar
UnionRect
MonitorFromPoint
EnableWindow
SendMessageTimeoutW
SetTimer
GetSysColorBrush
CopyImage
DispatchMessageW
TranslateMessage
GetMessageW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
PtInRect
GetCursorPos
GetFocus
GetSysColor
ScreenToClient
DeleteMenu
RealChildWindowFromPoint
PostThreadMessageW
CharNextW
CopyAcceleratorTableW
InvalidateRgn
SetRect
GetNextDlgGroupItem
MessageBeep
SetLayeredWindowAttributes
EnumDisplayMonitors
SendDlgItemMessageA
InflateRect
TrackMouseEvent
ClientToScreen
EndPaint
IsZoomed
CharUpperW
GetAsyncKeyState
GetSystemMenu
WindowFromPoint
NotifyWinEvent
GetMenuItemInfoW
GetMenuDefaultItem
GetScrollPos
SetMenuDefaultItem
PostMessageW
UnregisterClassW
GetWindowRect
SetFocus
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
PostQuitMessage
RegisterClipboardFormatW
SendMessageW
IsWindowEnabled
MessageBoxW
GetWindowLongW
GetParent
GetWindowThreadProcessId
GetLastActivePopup
SetWindowPos
SetWindowContextHelpId
GetWindow
EmptyClipboard
MapDialogRect
DrawStateW
UpdateWindow
InvalidateRect
GetClientRect
FillRect
GetClassNameW
LoadBitmapW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
SetActiveWindow
GetDesktopWindow
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetDC
GetWindowDC
ReleaseDC
BeginPaint
GetKeyNameTextW
MapVirtualKeyW
SetParent
DrawEdge
DrawFrameControl
DrawFocusRect
DrawIconEx
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
SetCursorPos
LockWindowUpdate
SetClassLongW
OpenClipboard
CloseClipboard
SetClipboardData
GetWindowRgn
GetComboBoxInfo
DestroyCursor
InvertRect
HideCaret
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
GetIconInfo
GetDoubleClickTime
WaitMessage
FrameRect
CopyIcon
ModifyMenuW
CharUpperBuffW
DefWindowProcW

gdi32

GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateEllipticRgn
Ellipse
CreateDIBSection
DPtoLP
ExcludeClipRect
CreateCompatibleBitmap
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
CreateDIBitmap
CreateFontIndirectW
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
GetTextExtentPoint32W
CombineRgn
GetMapMode
PatBlt
SetRectRgn
CreateRoundRectRgn
CreatePolygonRgn
Polygon
Polyline
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
Rectangle
EnumFontFamiliesExW
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceW
Escape
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
GetObjectW
GetStockObject
DeleteObject
CreateSolidBrush
GetDeviceCaps
CreateDCW
CopyMetaFileW
LPtoDP
DeleteDC

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegEnumKeyW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegCloseKey
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW

shell32

DragQueryFileW
DragFinish
SHGetFileInfoW
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHAppBarMessage
SHGetDesktopFolder
CommandLineToArgvW

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
PathFindExtensionW

uxtheme

GetCurrentThemeName
CloseThemeData
OpenThemeData
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
DrawThemeParentBackground
DrawThemeText
IsAppThemed
GetThemePartSize
GetThemeSysColor
GetWindowTheme
GetThemeColor

ole32

CoCreateInstance
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoDisconnectObject
CoGetClassObject
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleLockRunning
DoDragDrop
CoInitializeEx
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleDraw
CoUninitialize

oleaut32

SysAllocString
SysAllocStringLen
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
VariantClear
SafeArrayAccessData
SafeArrayUnaccessData
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SysFreeString
VariantInit
SysStringLen
SafeArrayGetLBound
VariantChangeType

oledlg

OleUIBusyW

gdiplus

GdipGetImagePaletteSize
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdiplusShutdown

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

wininet

InternetGetCookieW
InternetSetCookieExW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff33cda265e4b9b893c7c5d8ad17c246

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fdCertificate

Extended Key Usages

Key Usages

0d:7f:14:0f:fd:30:01:d3:ca:56:1d:37:c4:50:20:89Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

wininet

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 348KB - Virtual size: 347KB

.data Size: 23KB - Virtual size: 49KB

.gfids Size: 107KB - Virtual size: 107KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 42KB - Virtual size: 41KB

.reloc Size: 126KB - Virtual size: 125KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

0d:7f:14:0f:fd:30:01:d3:ca:56:1d:37:c4:50:20:89
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 348KB - Virtual size: 347KB

.data
Size: 23KB - Virtual size: 49KB

.gfids
Size: 107KB - Virtual size: 107KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 42KB - Virtual size: 41KB

.reloc
Size: 126KB - Virtual size: 125KB