aa9e5d7f8bcc9343f412f43e630750b1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

aa9e5d7f8bcc9343f412f43e630750b1_JaffaCakes118
Size

943KB
MD5

aa9e5d7f8bcc9343f412f43e630750b1
SHA1

735bca65cbd424c82f6a098409b76b46b32ddb05
SHA256

44bb4ffead0b0c9f8c0596e7b2bed0cea23c3cb8ec7fa09eced23d3bdf8b6b93
SHA512

387bc2f10bdd1497ef3d268ebe4cba6928377c10550748e303aec4685174cb3fa5efb9f78aa554bb48448b9f5cf39b83d8f995d344cc2c218a7536a5b72c137e
SSDEEP

24576:3/7TbYcDa6BSSEkmfSRmjNr0HmO0g9miDnP9GA1K:P7TajSENNO79FDPz1K

Score

1^/10

Malware Config

Signatures

Files

aa9e5d7f8bcc9343f412f43e630750b1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ced023e4a42f674b6e4041f9780b6ae9

Code Sign

64:4d:a5:84:ba:53:61:5a:b4:65:3c:f5:92:a1:3e:50
Certificate

Issuer

CN=VHRGUMCPBKMFRGRSFG

Not Before

08-08-2019 16:56

Not After

31-12-2039 23:59

Subject

CN=VHRGUMCPBKMFRGRSFG

Extended Key Usages

ExtKeyUsageCodeSigning

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07-06-2005 08:09

Not After

30-05-2020 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27-04-2011 00:00

Not After

30-05-2020 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02-05-2019 00:00

Not After

30-05-2020 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

04:81:f8:ad:a7:6e:a2:fd:ba:d4:a4:25:e2:b7:a0:2e:f1:63:28:36
Signer

Actual PE Digest

04:81:f8:ad:a7:6e:a2:fd:ba:d4:a4:25:e2:b7:a0:2e:f1:63:28:36

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetSystemTime
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
InitializeCriticalSection
InterlockedCompareExchange
InterlockedExchange
IsDBCSLeadByte
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
ReadFile
SetEndOfFile
SetErrorMode
SetFilePointer
SetUnhandledExceptionFilter
Sleep
SystemTimeToFileTime
TerminateProcess
UnhandledExceptionFilter
WaitForMultipleObjects
WinExec
WriteFile
lstrlenA
GetProcAddress
VirtualAlloc
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetLocaleInfoA
HeapSize
RtlUnwind
HeapReAlloc
HeapAlloc
IsValidCodePage
GetOEMCP
InitializeCriticalSectionAndSpinCount
HeapFree
VirtualFree
HeapCreate
GetModuleHandleA
GetFileSize
GetModuleFileNameA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
GetCPInfo
GetACP
ExitThread
ExitProcess
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessA
CreateFileA
CopyFileA
GetModuleHandleW
CloseHandle
InterlockedDecrement
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError

user32

LoadIconA
UnregisterClassA
TranslateMessage
SetWindowLongW
SetTimer
SendMessageTimeoutW
RegisterClassExW
PostThreadMessageW
PostMessageW
PeekMessageW
MessageBoxW
LoadStringW
LoadCursorW
KillTimer
IsWindow
GetWindowLongW
GetMessageW
GetClassInfoExW
GetActiveWindow
FindWindowW
ExitWindowsEx
DispatchMessageW
DestroyWindow
DefWindowProcW
CreateWindowExW
CharNextW
CallWindowProcW
RegisterClassW

gdi32

PathToRegion
GetStockObject

advapi32

RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyW
RegOpenKeyExW
RegNotifyChangeKeyValue
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExA

shlwapi

wvnsprintfW

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 865KB - Virtual size: 864KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ced023e4a42f674b6e4041f9780b6ae9

Code Sign

64:4d:a5:84:ba:53:61:5a:b4:65:3c:f5:92:a1:3e:50Certificate

Extended Key Usages

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19Certificate

Extended Key Usages

Key Usages

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49Certificate

Extended Key Usages

Key Usages

04:81:f8:ad:a7:6e:a2:fd:ba:d4:a4:25:e2:b7:a0:2e:f1:63:28:36Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 865KB - Virtual size: 864KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 21KB - Virtual size: 1.1MB

64:4d:a5:84:ba:53:61:5a:b4:65:3c:f5:92:a1:3e:50
Certificate

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

04:81:f8:ad:a7:6e:a2:fd:ba:d4:a4:25:e2:b7:a0:2e:f1:63:28:36
Signer

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 865KB - Virtual size: 864KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 21KB - Virtual size: 1.1MB