8e3b9878addd01a64787996496cce929_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8e3b9878addd01a64787996496cce929_JaffaCakes118
Size

1018KB
MD5

8e3b9878addd01a64787996496cce929
SHA1

cf60acbbe1914412860c7ba32567b6a666b9e423
SHA256

9616eff1437e98fbe7360b61f3786d643b5c5eb4f57edb8b4d65884084676e18
SHA512

5ed52cf73564ed6b84d3be5d6c16a5d48ba6175e50f02a70e83986c18f1ce50bc76d41d244668ef3be872384323ac11d180bf90f2762a2bf8fe28ea9298fd16f
SSDEEP

24576:O/7TbYcDa6BSSEkmfSRmjNr0HmO0g9miDnP9GAzYJLj:O7TajSENNO79FDPzzYFj

Score

1^/10

Malware Config

Signatures

Files

8e3b9878addd01a64787996496cce929_JaffaCakes118
.exe windows:5 windows x86 arch:x86

41f7c8539323d1db9dddff04932d717c

Code Sign

64:4d:a5:84:ba:53:61:5a:b4:65:3c:f5:92:a1:3e:50
Certificate

Issuer

CN=VHRGUMCPBKMFRGRSFG

Not Before

08-08-2019 16:56

Not After

31-12-2039 23:59

Subject

CN=VHRGUMCPBKMFRGRSFG

Extended Key Usages

ExtKeyUsageCodeSigning

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07-06-2005 08:09

Not After

30-05-2020 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27-04-2011 00:00

Not After

30-05-2020 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02-05-2019 00:00

Not After

30-05-2020 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

82:08:04:aa:ac:9f:cb:ae:bc:87:73:82:81:bf:c7:4a:01:f7:5b:45
Signer

Actual PE Digest

82:08:04:aa:ac:9f:cb:ae:bc:87:73:82:81:bf:c7:4a:01:f7:5b:45

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FileTimeToSystemTime
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameA
GetComputerNameExW
GetComputerNameW
GetConsoleAliasExesLengthW
GetConsoleAliasExesW
GetConsoleAliasesLengthW
GetConsoleAliasesW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileAttributesW
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetLogicalDriveStringsW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetQueuedCompletionStatus
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTickCount
GetTimeFormatW
GetUserDefaultLCID
GetVersionExA
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
DeviceIoControl
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
ExitProcess
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LocalAlloc
LocalFree
MoveFileW
MultiByteToWideChar
OpenEventW
PostQueuedCompletionStatus
QueryPerformanceCounter
ReadFile
ReleaseMutex
ReleaseSemaphore
ResetEvent
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile
lstrcatA
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcpyA
lstrcpyW
lstrlenA
lstrlenW
HeapSize
IsValidCodePage
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
DeleteFileW
DeleteFileA
DeleteCriticalSection
DecodePointer
CreateThread
CreateSemaphoreW
CreateMutexA
CreateIoCompletionPort
CreateFileW
CreateFileA
CreateEventW
CreateDirectoryW
CompareStringW
EnumUILanguagesW
LCMapStringA
EnterCriticalSection
CloseHandle
CancelIo
HeapReAlloc
AddConsoleAliasW

user32

LoadIconA
CallWindowProcW
CharNextW
CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
MessageBoxW
PeekMessageW
PostMessageW
PostThreadMessageW
RegisterClassExW
RegisterClassW
SendMessageTimeoutW
SetTimer
SetWindowLongW
TranslateMessage
UnregisterClassA
LoadStringW
LoadCursorW
KillTimer
IsWindow
GetWindowLongW
GetMessageW
GetClassInfoExW
GetActiveWindow
FindWindowW
ExitWindowsEx

gdi32

PathToRegion
GetStockObject

advapi32

RegCloseKey
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegNotifyChangeKeyValue
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegOpenKeyExA
OpenProcessToken

ole32

CoInitialize
CoTaskMemAlloc
CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance

shlwapi

wvnsprintfW
UrlGetPartA
StrStrIW
StrStrIA
StrCpyNW
StrCmpNIW
StrCmpIW
SHGetValueW
PathRemoveFileSpecW
PathIsDirectoryW
PathFindFileNameW
PathFileExistsW
PathCombineW
PathAppendW

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 867KB - Virtual size: 866KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41f7c8539323d1db9dddff04932d717c

Code Sign

64:4d:a5:84:ba:53:61:5a:b4:65:3c:f5:92:a1:3e:50Certificate

Extended Key Usages

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19Certificate

Extended Key Usages

Key Usages

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49Certificate

Extended Key Usages

Key Usages

82:08:04:aa:ac:9f:cb:ae:bc:87:73:82:81:bf:c7:4a:01:f7:5b:45Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

shlwapi

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 867KB - Virtual size: 866KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 93KB - Virtual size: 1.1MB

64:4d:a5:84:ba:53:61:5a:b4:65:3c:f5:92:a1:3e:50
Certificate

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

82:08:04:aa:ac:9f:cb:ae:bc:87:73:82:81:bf:c7:4a:01:f7:5b:45
Signer

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 867KB - Virtual size: 866KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 93KB - Virtual size: 1.1MB