a1d6470a5733f5f109fceb65b7ffb063_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a1d6470a5733f5f109fceb65b7ffb063_JaffaCakes118
Size

541KB
MD5

a1d6470a5733f5f109fceb65b7ffb063
SHA1

92223f2dbe5ec15cffb4d2c0df3d4a53b96e3856
SHA256

cdf6578401ee009c4281cd86c7f4a45ce85ebe836f49d1206d5e91a9465d854a
SHA512

7aa7029741fa77a5aa3371cdf6f2d2af6368245c76eb737ca41ba04b73dc074513998ca4ed71347ae3e790a24acee8d65e3514940856ee434c5aa3d6279195fb
SSDEEP

6144:13KRuPFPVBPGPBdtPjPBpxzPXPVR1PTPd/PPPhHPrPVPPPzPZPLPDJPvPndP3P90:1WNHvbyVfbWWbyHjaSabybbybvkblebj

Score

1^/10

Malware Config

Signatures

Files

a1d6470a5733f5f109fceb65b7ffb063_JaffaCakes118
.exe windows:5 windows x86 arch:x86

980670a5dc4b1301583827271e468fe9

Code Sign

14:0f:ce:a5:33:2b:18:4b:bd:82:85:a1:c4:6b:e5:5d
Certificate

Issuer

CN=GZEVWVSBDRVXJRLHVT

Not Before

07/09/2019, 12:54

Not After

31/12/2039, 23:59

Subject

CN=GZEVWVSBDRVXJRLHVT

Extended Key Usages

ExtKeyUsageCodeSigning

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cf:e0:7b:9e:aa:88:c2:1c:68:0b:6c:90:00:87:d2:88:be:78:1a:5d
Signer

Actual PE Digest

cf:e0:7b:9e:aa:88:c2:1c:68:0b:6c:90:00:87:d2:88:be:78:1a:5d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
CreateEventA
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateMutexA
CreateMutexW
CreatePipe
CreateProcessA
CreateProcessW
CreateRemoteThread
CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
DuplicateHandle
EnterCriticalSection
EnumResourceLanguagesA
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FindResourceW
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameA
GetComputerNameW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDriveStringsW
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetPriorityClass
GetPrivateProfileStringA
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetProcessTimes
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeExW
GetStringTypeW
GetSystemDefaultLCID
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathA
GetThreadContext
GetThreadLocale
GetThreadPriority
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultUILanguage
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationA
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
CopyFileW
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalGetAtomNameW
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsBadReadPtr
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LocalReAlloc
LocalSize
LockFile
LockResource
MapViewOfFile
MoveFileW
MulDiv
MultiByteToWideChar
OpenFileMappingA
OpenFileMappingW
OpenProcess
OutputDebugStringW
ProcessIdToSessionId
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
ReleaseMutex
RemoveDirectoryA
ResetEvent
ResumeThread
RtlUnwind
SetConsoleMode
SetConsoleTextAttribute
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetHandleCount
SetLastError
SetProcessWorkingSetSize
SetStdHandle
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringA
WritePrivateProfileStringW
lstrcatW
lstrcmpA
lstrcmpW
lstrcmpiW
lstrcpyA
lstrcpyW
lstrlenA
lstrlenW
ConvertDefaultLocale
CopyFileA
CompareStringW
CompareStringA
CloseHandle
GlobalFindAtomA
Beep

user32

CreateWindowExA
CreateWindowExW
DefDlgProcA
DefDlgProcW
DefWindowProcA
DefWindowProcW
DestroyIcon
DestroyWindow
DialogBoxParamA
DialogBoxParamW
DispatchMessageA
DispatchMessageW
DrawEdge
DrawTextA
EnableMenuItem
EnableWindow
EndDialog
EndPaint
EnumThreadWindows
EnumWindows
ExitWindowsEx
FillRect
FindWindowA
FindWindowExW
FindWindowW
FreeDDElParam
GetActiveWindow
GetAsyncKeyState
GetClientRect
GetCursorPos
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetDlgItemTextW
GetFocus
GetForegroundWindow
GetMenu
GetMessageA
GetMessageW
GetMonitorInfoW
GetPropA
GetPropW
GetSysColor
GetSystemMetrics
GetUpdateRect
GetWindow
GetWindowLongW
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowTextW
GetWindowThreadProcessId
InSendMessage
InvalidateRect
IsDialogMessageW
IsDlgButtonChecked
IsIconic
IsWindow
IsWindowEnabled
IsWindowUnicode
KillTimer
LoadAcceleratorsW
LoadCursorA
LoadCursorW
LoadIconW
LoadImageW
LoadStringA
LoadStringW
MapDialogRect
MapWindowPoints
MessageBoxA
MessageBoxW
MonitorFromPoint
MonitorFromRect
MoveWindow
OffsetRect
PackDDElParam
PeekMessageA
PostMessageA
PostMessageW
PostQuitMessage
RegisterClassA
RegisterClassExA
RegisterClassW
RegisterDeviceNotificationW
RemovePropW
ScrollWindowEx
SendDlgItemMessageW
SendMessageA
SendMessageW
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetPropA
SetPropW
SetScrollInfo
SetScrollPos
SetTimer
SetWindowLongW
SetWindowPos
SetWindowTextA
SetWindowTextW
SetWindowsHookExW
SetWindowsHookW
ShowWindow
SubtractRect
TranslateAcceleratorW
TranslateMessage
UnhookWindowsHook
UnhookWindowsHookEx
UnpackDDElParam
UnregisterDeviceNotification
UpdateWindow
WaitForInputIdle
WinHelpW
wsprintfW
LoadIconA
CreateDialogParamA
CreateDialogIndirectParamW
CreateDialogIndirectParamA
CloseWindow
ClientToScreen
BeginPaint
CallNextHookEx
CallWindowProcW
CharUpperW
CheckMenuItem
CheckRadioButton
CreateDialogParamW

gdi32

FlattenPath

advapi32

RegQueryValueExA
RegOpenKeyW

ole32

CreateStreamOnHGlobal
DoDragDrop
IsEqualGUID
OleGetClipboard
OleInitialize
OleSetClipboard
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
StringFromCLSID
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CLSIDFromString
CreateDataAdviseHolder

imm32

ImmDisableIME

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 338KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

980670a5dc4b1301583827271e468fe9

Code Sign

14:0f:ce:a5:33:2b:18:4b:bd:82:85:a1:c4:6b:e5:5dCertificate

Extended Key Usages

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19Certificate

Extended Key Usages

Key Usages

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49Certificate

Extended Key Usages

Key Usages

cf:e0:7b:9e:aa:88:c2:1c:68:0b:6c:90:00:87:d2:88:be:78:1a:5dSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

imm32

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 338KB - Virtual size: 338KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 161KB - Virtual size: 160KB

14:0f:ce:a5:33:2b:18:4b:bd:82:85:a1:c4:6b:e5:5d
Certificate

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

cf:e0:7b:9e:aa:88:c2:1c:68:0b:6c:90:00:87:d2:88:be:78:1a:5d
Signer

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 338KB - Virtual size: 338KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 161KB - Virtual size: 160KB