1ae31cf44535e75f57c9c6f7f9626ac0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1ae31cf44535e75f57c9c6f7f9626ac0_JaffaCakes118
Size

340KB
MD5

1ae31cf44535e75f57c9c6f7f9626ac0
SHA1

ef8905cafd204f7f66c1419bd3142dcaad1bed64
SHA256

447ec5beb46ae43fe72804083344dbcdefc9a8e8cee9a55038df1fa9bda91644
SHA512

6e64466c4fb7da8146a212ba2c392aaa2b967e79cd1775b3791d63597e8ca1eb82188fb947af1ed126183c33c6172db1d42a4c102a25f35e78b900e35a45511f
SSDEEP

3072:UvA1p08RqEQAIVEd2gG/vNlo0JFx/pANyCm0PQEKR/JnXHWP:U206xWgGxLxWN40PDKR/JnX2P

Score

1^/10

Malware Config

Signatures

Files

1ae31cf44535e75f57c9c6f7f9626ac0_JaffaCakes118
.dll windows:3 windows x86 arch:x86

de3ae5fdd8a570c86ac164493e1298ec

Code Sign

70:9d:54:7a:2f:09:d3:9c:4c:23:34:98:3f:2c:bf:50
Certificate

Issuer

CN=BMUZVYUGWSQWLAIISX

Not Before

21/01/2021, 22:35

Not After

31/12/2039, 23:59

Subject

CN=BMUZVYUGWSQWLAIISX

Extended Key Usages

ExtKeyUsageCodeSigning

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5d:67:0b:8e:11:29:13:82:14:c7:a5:70:f0:38:fb:be:86:17:6d:00
Signer

Actual PE Digest

5d:67:0b:8e:11:29:13:82:14:c7:a5:70:f0:38:fb:be:86:17:6d:00

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
LoadLibraryA
GetProcAddress
GetLastError

user32

LoadCursorA
DrawMenuBar
wsprintfW
PostMessageA
EnumChildWindows
SendMessageTimeoutA
GetWindowTextA
EnumWindows
SendMessageA
wsprintfA
GetClassNameA

gdi32

AddFontResourceW
RealizePalette
CreateMetaFileW

advapi32

RegOpenKeyA
GetUserNameA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 87B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text4
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text8
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text7
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text6
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de3ae5fdd8a570c86ac164493e1298ec

Code Sign

70:9d:54:7a:2f:09:d3:9c:4c:23:34:98:3f:2c:bf:50Certificate

Extended Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

5d:67:0b:8e:11:29:13:82:14:c7:a5:70:f0:38:fb:be:86:17:6d:00Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 512B - Virtual size: 87B

.data Size: 1024B - Virtual size: 1KB

.text4 Size: 315KB - Virtual size: 315KB

.text8 Size: 512B - Virtual size: 100B

.text7 Size: 512B - Virtual size: 100B

.text6 Size: 512B - Virtual size: 100B

.text5 Size: 512B - Virtual size: 100B

.reloc Size: 1024B - Virtual size: 992B

70:9d:54:7a:2f:09:d3:9c:4c:23:34:98:3f:2c:bf:50
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

5d:67:0b:8e:11:29:13:82:14:c7:a5:70:f0:38:fb:be:86:17:6d:00
Signer

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 512B - Virtual size: 87B

.data
Size: 1024B - Virtual size: 1KB

.text4
Size: 315KB - Virtual size: 315KB

.text8
Size: 512B - Virtual size: 100B

.text7
Size: 512B - Virtual size: 100B

.text6
Size: 512B - Virtual size: 100B

.text5
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 992B