2a0ff0c6e3966f3a23f696b8c4b3dc12_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a0ff0c6e3966f3a23f696b8c4b3dc12_JaffaCakes118
Size

2.2MB
MD5

2a0ff0c6e3966f3a23f696b8c4b3dc12
SHA1

53157f7450dad79a02a8980b0d7d7e414607131a
SHA256

617694d6c54f381128d05813dcfdc5a74a7da3b3a537dec1da5a227fea752131
SHA512

4750fdab59b7ed6885b6c6e9443c3ecfd46c350d84c7203e1d8ca922d7ddc958e493347d3353610682056e5f8a1c1459eec9bd206222019599debc2f4f59d01c
SSDEEP

49152:2Fih4Pmt7Gs6gtwltZfsV68v63FpZ1CcnTKYBoWKrghHVyz:2whQXs6gKt1sVvv63HZ1CcnmYBoWKrW+

Score

1^/10

Malware Config

Signatures

Files

2a0ff0c6e3966f3a23f696b8c4b3dc12_JaffaCakes118
.exe windows:6 windows x86 arch:x86

055a664081536a98c957a43869b88ea3

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:c0:22:6a:71:1c:21:2d:90:ce:d7:13:c4:db:5d:42:d1:a9:9c:ab:e5:0c:87:ad:24:d6:0e:ec:d4:fc:1d:63
Signer

Actual PE Digest

6a:c0:22:6a:71:1c:21:2d:90:ce:d7:13:c4:db:5d:42:d1:a9:9c:ab:e5:0c:87:ad:24:d6:0e:ec:d4:fc:1d:63

Digest Algorithm

sha256

PE Digest Matches

true

51:fc:73:0a:cf:b1:0e:8b:b0:fb:bb:86:68:af:be:96:20:b4:5c:bb
Signer

Actual PE Digest

51:fc:73:0a:cf:b1:0e:8b:b0:fb:bb:86:68:af:be:96:20:b4:5c:bb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
VirtualProtect
VirtualQuery
GetModuleHandleA
GetVolumeInformationW
CloseHandle
GetEnvironmentStringsW
OutputDebugStringA
CloseThreadpoolCleanupGroup
TlsGetValue
SetLastError
VirtualAlloc
GetTimeZoneInformation
GetStartupInfoW
GetACP
ExitProcess
HeapAlloc
GetFileInformationByHandleEx
SetFirmwareEnvironmentVariableA
LCMapStringW
QueryPerformanceFrequency
AllocateUserPhysicalPagesNuma
MulDiv
GetConsoleCP
HeapReAlloc
MultiByteToWideChar
GetSystemTimes
SetThreadPriority
GetCompressedFileSizeTransactedA
InitializeCriticalSection
EncodePointer
WriteFile
InitializeSListHead
LeaveCriticalSection
OutputDebugStringW
CompareStringW
DeleteCriticalSection
LocalAlloc
LockFile
RaiseException
GetVersionExW
GetStdHandle
GetVolumePathNamesForVolumeNameW
GetFileAttributesExW
CreateThread
GetOEMCP
DeleteFileW
GetModuleFileNameW
FindResourceW
GetProfileIntW
GetCommandLineW
GetPrivateProfileIntW
GetFileSizeEx
GlobalFree
FlushFileBuffers
SystemTimeToTzSpecificLocalTime
GetUserDefaultUILanguage
GetCurrentThreadId
GlobalAlloc
GetNumaProximityNode
GlobalAddAtomW
GetTempPathW
LockResource
GetConsoleMode
WaitForSingleObject
GetExitCodeProcess
SetConsoleActiveScreenBuffer
SetErrorMode
TlsAlloc
LoadLibraryExW
Sleep
SetStdHandle
GetLastError
LoadLibraryA
DuplicateHandle
FindClose
FindFirstFileExW
lstrcmpiW
OpenPrivateNamespaceA
GlobalLock
TerminateProcess
GetFileTime
GetSystemDirectoryW
VerifyVersionInfoW
GlobalSize
lstrcpyW
GetProcAddress
GetModuleHandleW
SetEvent
GetCPInfo
GetCurrentDirectoryW
LocalFree
GetLocaleInfoW
SetEndOfFile
FreeEnvironmentStringsW
EnumResourceLanguagesExA
GlobalHandle
GetPrivateProfileStringW
SetTimeZoneInformation
IsDebuggerPresent
GetStringTypeW
GetFileType
FindResourceExW
GetSystemDefaultUILanguage
FormatMessageW
ResumeThread
SizeofResource
HeapFree
Process32NextW
Process32FirstW
UnhandledExceptionFilter
LoadResource
ResetEvent
GlobalGetAtomNameW
MapViewOfFileEx
DecodePointer
HeapSize
FindFirstFileTransactedW
GlobalFindAtomW
ExitThread
GetCommandLineA
InitializeCriticalSectionAndSpinCount
WriteConsoleW
TlsSetValue
EnumSystemLocalesA
LoadLibraryW
VerSetConditionMask
lstrcmpA
GetWindowsDirectoryW
CompareStringA
SetFilePointer
ReadFile
GetTickCount
GetFileAttributesW
SetUnhandledExceptionFilter
GetModuleHandleExW
RtlUnwind
TlsFree
EnterCriticalSection
FreeLibraryAndExitThread
WaitForSingleObjectEx
FileTimeToSystemTime
FindNextFileW
HeapQueryInformation
FreeLibrary
lstrcmpW
GetProcessHeap
SetFilePointerEx
GetCurrentProcessId
QueryThreadCycleTime
GetSystemInfo
IsValidCodePage
SetEnvironmentVariableW
GetTempFileNameW
GetCurrentThread
WritePrivateProfileStructW
GetLargePageMinimum
FindFirstFileW
WritePrivateProfileStringW
WideCharToMultiByte
CreateFileW
CreateEventW
GlobalDeleteAtom
IsProcessorFeaturePresent
SetLocaleInfoW
InitializeCriticalSectionEx
GetCurrentProcess
FileTimeToLocalFileTime
CopyFileW
GetEnvironmentVariableW
GetCurrencyFormatEx
GlobalReAlloc
GlobalFlags
LocalReAlloc
GlobalUnlock
GetFullPathNameW
QueryPerformanceCounter
SearchPathW
UnlockFile
GetFileSize
AddSIDToBoundaryDescriptor

user32

MessageBeep
AdjustWindowRectEx
GetClassInfoW
GrayStringW
DeleteMenu
GetPropW
GetScrollRange
EndDeferWindowPos
LoadCursorW
CopyIcon
InflateRect
TranslateAcceleratorW
GetNextDlgTabItem
ReuseDDElParam
EndPaint
BeginPaint
GetWindowLongW
InsertMenuW
DefRawInputProc
GetSysColorBrush
GetParent
GetKeyNameTextW
ShowOwnedPopups
SetFocus
PostMessageW
SetForegroundWindow
SetMenu
IsWindowEnabled
UnionRect
SetLastErrorEx
IsRectEmpty
DrawEdge
SubtractRect
DestroyAcceleratorTable
DrawAnimatedRects
GetWindowThreadProcessId
CheckDlgButton
GetWindow
DestroyWindow
AppendMenuW
GetFocus
CheckMenuItem
GetSystemMenu
GetKeyState
LoadAcceleratorsA
ClientToScreen
FlashWindow
SetMenuItemBitmaps
ReleaseDC
FillRect
GetSubMenu
MonitorFromPoint
DrawTextW
InvalidateRect
GetKeyboardState
SendMessageCallbackW
BeginDeferWindowPos
RedrawWindow
SetClipboardData
IsCharLowerW
SetScrollPos
SetLayeredWindowAttributes
RealChildWindowFromPoint
CallNextHookEx
GetDlgItem
ShowScrollBar
InvertRect
OffsetRect
CallMsgFilterA
HideCaret
LockWindowUpdate
SetClassLongW
SetCapture
GetPropA
DrawIcon
IsWindowVisible
GetWindowTextW
LoadMenuW
DestroyCursor
CreateAcceleratorTableW
PostThreadMessageW
GetMenuItemID
SetRectEmpty
GetCapture
SendDlgItemMessageA
GetMenuStringW
KillTimer
MoveWindow
FindWindowExW
TabbedTextOutW
DispatchMessageW
WindowFromPoint
SetWindowLongW
CopyImage
LoadImageW
TrackMouseEvent
SetRect
GetWindowRgn
CopyRect
DefWindowProcW
FrameRect
GetMessagePos
UnregisterClassW
IsClipboardFormatAvailable
OpenClipboard
IsMenu
FindWindowW
GetNextDlgGroupItem
ToUnicodeEx
SetMenuItemInfoW
SetScrollInfo
IsChild
DestroyIcon
SetMenuDefaultItem
RemovePropW
GetMessageTime
SetWindowTextW
GetTopWindow
EnableScrollBar
GetMenuItemInfoW
GetMenuItemCount
TrackPopupMenu
EnableWindow
GetClassLongW
RegisterWindowMessageW
EndDialog
GetScrollInfo
ScreenToClient
SetActiveWindow
ScrollWindow
SetTimer
CharUpperBuffW
SetParent
CreateMenu
GetDesktopWindow
DefMDIChildProcW
LoadAcceleratorsW
MapVirtualKeyW
UpdateWindow
GetClientRect
NotifyWinEvent
MapDialogRect
RemoveMenu
EqualRect
DrawFocusRect
MessageBoxW
GetMenuDefaultItem
DefFrameProcW
GetSystemMetrics
IntersectRect
GetClassNameW
PostQuitMessage
GetDoubleClickTime
DrawFrameControl
CreateWindowExW
CallWindowProcW
CreateDialogIndirectParamW
GetActiveWindow
ModifyMenuW
GetForegroundWindow
LoadBitmapW
SetWindowPlacement
UnhookWindowsHookEx
DeferWindowPos
GetMenu
UnpackDDElParam
EnableMenuItem
SystemParametersInfoW
GetWindowTextLengthW
TranslateMessage
UpdateLayeredWindow
PtInRect
GetMessageW
GetMenuState
SetPropW
SetDlgItemTextW
EnumDisplayMonitors
SendMessageW
GetIconInfo
RegisterClipboardFormatW
LoadIconW
ValidateRect
BringWindowToTop
MapVirtualKeyExW
IsIconic
IsZoomed
GetScrollPos
GetUpdateRect
GetWindowDC
DrawIconEx
MapWindowPoints
GetUserObjectInformationW
GetComboBoxInfo
GetDC
EnumChildWindows
SetCursor
InsertMenuItemW
CharUpperW
DrawTextExW
SetScrollRange
ShowWindow
EmptyClipboard
SetWindowPos
GetWindowPlacement
GetSysColor
GetMenuCheckMarkDimensions
SetWindowRgn
IsWindow
DestroyMenu
CreatePopupMenu
DrawMenuBar
GetLastActivePopup
IsDialogMessageW
RegisterClassW
GetDlgCtrlID
WinHelpW
EnumDisplaySettingsExW
WaitMessage
DrawStateW
GetClassInfoExW
TranslateMDISysAccel
GetMonitorInfoW
PeekMessageW
MonitorFromWindow
ReleaseCapture
GetKeyboardLayout
SetCursorPos
SetWindowsHookExW
GetWindowRect
CopyAcceleratorTableW
GetAsyncKeyState
CloseClipboard
GetCursorPos

gdi32

ScaleWindowExtEx
Escape
ExtFloodFill
GetLayout
CreateRectRgnIndirect
RealizePalette
SetWindowExtEx
GetNearestPaletteIndex
GetObjectType
GetWindowOrgEx
ExtSelectClipRgn
CreateDIBitmap
CreatePatternBrush
SetWindowOrgEx
GetWindowExtEx
Rectangle
SelectPalette
IntersectClipRect
GetBkColor
OffsetWindowOrgEx
BitBlt
SetLayout
ExcludeClipRect
CreateCompatibleBitmap
SetMapMode
GetTextExtentPoint32W
Polygon
TextOutW
GetViewportExtEx
GetTextFaceW
SetPixelV
LPtoDP
GetObjectW
GetStockObject
CombineRgn
CreateDCW
DeleteDC
CreatePalette
PatBlt
MoveToEx
SetROP2
SaveDC
OffsetRgn
GetDeviceCaps
CreateRectRgn
GetDIBits
SelectClipRgn
CreatePen
GetSystemPaletteEntries
RectVisible
GetPixel
SetRectRgn
CreateDIBSection
SetPixel
GetTextCharsetInfo
DPtoLP
SetBkMode
CreateEllipticRgn
StretchBlt
ExtTextOutW
RoundRect
FrameRgn
RestoreDC
ScaleViewportExtEx
CreateSolidBrush
SetViewportOrgEx
SetViewportExtEx
CreateFontIndirectW
OffsetViewportOrgEx
CreateBitmap
SetPaletteEntries
SetDIBColorTable
CopyMetaFileW
Polyline
SetTextAlign
GetBoundsRect
GetViewportOrgEx
GetRgnBox
GetTextColor
PtVisible
CreateHatchBrush
SetBkColor
EnumFontFamiliesExW
CreateCompatibleDC
PtInRegion
SelectObject
CreateRoundRectRgn
GetClipBox
SetPolyFillMode
DeleteObject
Ellipse
GetTextMetricsW
LineTo
FillRgn
EnumFontFamiliesW
CreatePolygonRgn
GetPaletteEntries
SetTextColor

msimg32

AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueExW
RegDeleteKeyTransactedW
RegOpenKeyExW
RegEnumKeyExW
RegSaveKeyExA
FileEncryptionStatusW
AdjustTokenPrivileges
MakeAbsoluteSD
RegCreateKeyExW
RegUnLoadKeyW
ObjectCloseAuditAlarmW
RegDeleteKeyValueW
RegEnumKeyW
OpenProcessToken
CreateRestrictedToken
RegDeleteKeyW
AreAllAccessesGranted
CredWriteA
RegDeleteTreeW
FileEncryptionStatusA
LookupPrivilegeValueW
RegQueryValueW
BackupEventLogW
AllocateLocallyUniqueId
GetManagedApplications
RegUnLoadKeyA
RegSetValueExW
AccessCheckByTypeAndAuditAlarmA
GetSecurityDescriptorControl
AccessCheckByTypeResultList
EventWriteString
RegCloseKey
RegDeleteValueW
RegEnumValueW

shell32

SHGetFolderPathAndSubDirW
SHGetDesktopFolder
SHGetFolderLocation
SHGetPathFromIDListEx
SHGetFileInfoW
SHGetPathFromIDListW
SHAppBarMessage
SHGetSpecialFolderLocation
ShellExecuteW
SHGetMalloc
SHCreateDataObject
SHBrowseForFolderW
ord23
DragQueryFileW
DragFinish

comctl32

InitCommonControlsEx

shlwapi

SHSetValueA
PathRemoveArgsA
PathFindExtensionW
PathRemoveFileSpecW
PathFindFileNameA
PathStripToRootW
ord432
PathIsUNCW
PathUndecorateW
StrFormatKBSizeW
PathRemoveBlanksW
SHIsLowMemoryMachine
PathFindFileNameW
PathMakeSystemFolderA
ord155
PathIsContentTypeW

uxtheme

CloseThemeData
GetCurrentThemeName
DrawThemeText
DrawThemeParentBackground
IsAppThemed
GetThemeSysColor
DrawThemeBackground
GetThemeColor
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
OpenThemeData
GetThemePartSize

ole32

OleDestroyMenuDescriptor
DoDragDrop
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CreateStreamOnHGlobal
OleLockRunning
RevokeDragDrop
CoTaskMemAlloc
CoInitializeSecurity
OleGetClipboard
CoLockObjectExternal
CoCreateGuid
OleCreateMenuDescriptor
ReleaseStgMedium
OleTranslateAccelerator
OleDuplicateData
CoInitialize
CoUninitialize
RegisterDragDrop
IsAccelerator
CoDisconnectObject

oleaut32

VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
LoadTypeLi
SysStringLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysAllocString
SystemTimeToVariantTime

gdiplus

GdipBitmapLockBits
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromStream
GdipGetImageGraphicsContext
GdipGetImagePixelFormat
GdipDrawImageRectI
GdipCloneImage
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipSetInterpolationMode
GdiplusStartup
GdipDrawImageI
GdipGetImageHeight
GdiplusShutdown
GdipBitmapUnlockBits
GdipFree
GdipAlloc
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImageWidth
GdipDisposeImage
GdipCreateFromHDC

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

055a664081536a98c957a43869b88ea3

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

6a:c0:22:6a:71:1c:21:2d:90:ce:d7:13:c4:db:5d:42:d1:a9:9c:ab:e5:0c:87:ad:24:d6:0e:ec:d4:fc:1d:63Signer

51:fc:73:0a:cf:b1:0e:8b:b0:fb:bb:86:68:af:be:96:20:b4:5c:bbSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.text1 Size: 9KB - Virtual size: 8KB

.rdata Size: 332KB - Virtual size: 332KB

.data Size: 21KB - Virtual size: 39KB

.rsrc Size: 184KB - Virtual size: 183KB

.reloc Size: 136KB - Virtual size: 136KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

6a:c0:22:6a:71:1c:21:2d:90:ce:d7:13:c4:db:5d:42:d1:a9:9c:ab:e5:0c:87:ad:24:d6:0e:ec:d4:fc:1d:63
Signer

51:fc:73:0a:cf:b1:0e:8b:b0:fb:bb:86:68:af:be:96:20:b4:5c:bb
Signer

.text
Size: 1.5MB - Virtual size: 1.5MB

.text1
Size: 9KB - Virtual size: 8KB

.rdata
Size: 332KB - Virtual size: 332KB

.data
Size: 21KB - Virtual size: 39KB

.rsrc
Size: 184KB - Virtual size: 183KB

.reloc
Size: 136KB - Virtual size: 136KB