329861931c368d6d90d23e3c0d41e27d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

329861931c368d6d90d23e3c0d41e27d_JaffaCakes118
Size

2.2MB
MD5

329861931c368d6d90d23e3c0d41e27d
SHA1

90c7e7f936e453247a29e1db7e5a8148b5dc074f
SHA256

8014539a420b3544405c8e465e2c7c950617341721dd895026f726c34c3fa1a4
SHA512

e06fde84e6a501a230f52fd2ec899902b798bcc028161cafddd6eae4179d5bf4c36753f3dbd7a4cfb87071ed60d53793a34fcda491b3a7c2ba63baaf6413589a
SSDEEP

49152:/EMM04y/ptpHkGwuR29VTKa9h/u+EvMGK6wap6/hBnS:/EYd/p/HWu2jmkh/u+EvMGK6wa+hBS

Score

1^/10

Malware Config

Signatures

Files

329861931c368d6d90d23e3c0d41e27d_JaffaCakes118
.exe windows:6 windows x86 arch:x86

10b0d3d9d1dc6858e3c75d3506a8c96d

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ad:ad:63:06:d6:d7:5e:93:c1:d2:ff:17:2b:13:64:5f:2b:8c:a7:04:c4:55:c3:09:17:0b:09:2c:20:2b:9a:88
Signer

Actual PE Digest

ad:ad:63:06:d6:d7:5e:93:c1:d2:ff:17:2b:13:64:5f:2b:8c:a7:04:c4:55:c3:09:17:0b:09:2c:20:2b:9a:88

Digest Algorithm

sha256

PE Digest Matches

true

d1:c5:08:e2:b3:89:75:27:7c:34:ef:96:ec:74:e5:8a:9a:cb:2f:3d
Signer

Actual PE Digest

d1:c5:08:e2:b3:89:75:27:7c:34:ef:96:ec:74:e5:8a:9a:cb:2f:3d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GetCurrentDirectoryW
GetDynamicTimeZoneInformation
lstrcmpiW
GetSystemTimeAsFileTime
GetConsoleMode
GetPrivateProfileStringW
GetLongPathNameTransactedA
GetModuleHandleW
GetUserDefaultUILanguage
GetLocaleInfoW
GetProfileIntW
GetWindowsDirectoryW
IsValidCodePage
GetFileAttributesExW
GetModuleHandleExW
VirtualFree
GetPrivateProfileIntW
GetCurrentProcess
SetLastError
SetUnhandledExceptionFilter
LCMapStringW
lstrcpyW
LocalReAlloc
ExitProcess
ClosePrivateNamespace
CompareStringA
FlushFileBuffers
Sleep
IsProcessorFeaturePresent
TlsFree
LoadResource
FindFirstFileW
ResumeThread
TlsGetValue
FindClose
EnumResourceTypesExW
GetFileTime
GetSystemInfo
lstrcmpA
SetFilePointer
GetCommConfig
PulseEvent
GetModuleHandleA
UnhandledExceptionFilter
ExitThread
FindResourceExW
GetVersionExW
UnregisterApplicationRecoveryCallback
GlobalGetAtomNameW
MultiByteToWideChar
OutputDebugStringA
HeapAlloc
GetStartupInfoW
DeleteFileW
LoadLibraryW
FreeLibraryAndExitThread
LoadLibraryA
WaitForThreadpoolWorkCallbacks
SetEndOfFile
GlobalAddAtomA
SetProcessAffinityMask
InitializeCriticalSection
QueryPerformanceFrequency
GlobalDeleteAtom
SystemTimeToTzSpecificLocalTime
TlsSetValue
GetConsoleOriginalTitleA
GetModuleFileNameW
GlobalSize
DecodePointer
GetErrorMode
SetEnvironmentVariableW
HeapQueryInformation
GetLastError
GetProcAddress
GetCPInfo
FileTimeToSystemTime
QueryPerformanceCounter
WaitNamedPipeW
GetTickCount
MulDiv
SizeofResource
TlsAlloc
GetTimeZoneInformation
CopyFileW
ResetEvent
GetStringTypeW
FormatMessageW
GetTempFileNameW
GetCurrentThread
GetProcessHeap
GetCommProperties
SetStdHandle
VirtualProtect
SetErrorMode
GetCommandLineW
SetThreadpoolThreadMinimum
GetEnvironmentStringsW
CreateThreadpoolWait
WaitForSingleObjectEx
CreateFileW
GetConsoleAliasExesLengthA
RaiseException
GetTempPathW
GetCurrentThreadId
HeapReAlloc
DeleteCriticalSection
GetFileType
LoadLibraryExW
EncodePointer
FindResourceW
VirtualQuery
GlobalUnlock
DuplicateHandle
GlobalHandle
FileTimeToLocalFileTime
LocalAlloc
VerSetConditionMask
TerminateProcess
GlobalFindAtomW
lstrcmpW
GlobalReAlloc
GetEnvironmentVariableW
LeaveCriticalSection
RtlUnwind
VerifyVersionInfoW
WaitForSingleObject
FreeEnvironmentStringsW
WriteConsoleW
GetOEMCP
EnterCriticalSection
SetEvent
GetFileSizeEx
GetCommandLineA
InitializeCriticalSectionAndSpinCount
SetThreadPriority
CreateEventW
VirtualAlloc
HeapFree
OutputDebugStringW
LeaveCriticalSectionWhenCallbackReturns
GetACP
GetFileSize
CreateThread
GlobalFree
SearchPathW
SetFilePointerEx
GetSystemDirectoryW
GetStdHandle
WritePrivateProfileStringW
DisconnectNamedPipe
FindFirstFileExW
ReadFile
GlobalAddAtomW
HeapSize
WideCharToMultiByte
GetVolumeInformationW
CloseHandle
LocalFree
GetConsoleCP
GetSystemDefaultUILanguage
GetFullPathNameW
RequestDeviceWakeup
UnlockFile
GetFileAttributesW
InitializeCriticalSectionEx
FindNextFileW
GetCurrentProcessId
GlobalLock
InitializeSListHead
LockResource
Process32NextW
GlobalFlags
WriteFile
IsDebuggerPresent
LockFile
CompareStringW
SetCommState
FreeLibrary

user32

RedrawWindow
SetScrollInfo
GetMessageW
SetScrollRange
IsWindow
CreateMenu
GetDoubleClickTime
IsMenu
CallWindowProcW
EndDeferWindowPos
LoadMenuW
ToUnicodeEx
GetSubMenu
GetComboBoxInfo
ClipCursor
SetCursorPos
SendMessageTimeoutW
LockWindowUpdate
DrawTextExW
TranslateMDISysAccel
EndDialog
SetTimer
GetWindowTextW
DestroyIcon
RemovePropW
GetSysColorBrush
GetClientRect
SetWindowPos
SetRectEmpty
GetCapture
EnumChildWindows
EnumPropsW
InsertMenuItemW
GetWindowTextLengthW
CopyIcon
GetMenuItemCount
BeginDeferWindowPos
GetFocus
DestroyAcceleratorTable
CharPrevW
GetWindow
GetKeyNameTextW
RegisterClipboardFormatW
WinHelpW
DeleteMenu
FrameRect
ReuseDDElParam
DrawEdge
GetKeyState
MoveWindow
GetWindowRect
GetMenuDefaultItem
GetWindowPlacement
GrayStringW
DefMDIChildProcW
TabbedTextOutW
DialogBoxIndirectParamW
DrawMenuBar
DrawTextW
SetScrollPos
AdjustWindowRectEx
IsDialogMessageW
GetSystemMetrics
ScrollWindow
IsClipboardFormatAvailable
GetForegroundWindow
SetRect
CharUpperBuffW
GetCursorPos
SetWindowLongW
RegisterWindowMessageW
GetDesktopWindow
CallNextHookEx
ScreenToClient
MapVirtualKeyW
LoadImageW
PostQuitMessage
GetSysColor
GetKeyboardLayout
PostThreadMessageW
GetScrollInfo
SetClassLongW
SetActiveWindow
IsZoomed
CreateWindowExW
GetNextDlgGroupItem
CheckMenuItem
MapVirtualKeyExW
LoadIconW
GetActiveWindow
WindowFromPoint
SendMessageW
SetMenuItemInfoW
GetKeyboardState
DeferWindowPos
OffsetRect
IsWindowEnabled
DrawIcon
MessageBoxW
FindWindowW
GetClassLongW
SystemParametersInfoW
BroadcastSystemMessageW
DispatchMessageW
GetLastActivePopup
RemoveMenu
GetTopWindow
GetMenuItemID
UnpackDDElParam
ModifyMenuW
EnableWindow
ValidateRect
EqualRect
ShowScrollBar
OpenIcon
DestroyCursor
AppendMenuW
DestroyWindow
GetMenu
GetMessageTime
GetWindowRgn
GetWindowThreadProcessId
SetForegroundWindow
GetNextDlgTabItem
MessageBeep
FindWindowExW
CloseClipboard
GetPropW
TrackMouseEvent
ReleaseDC
UnionRect
GetQueueStatus
EnumDisplayMonitors
EndPaint
GetDlgCtrlID
CreatePopupMenu
UpdateLayeredWindow
GetUpdateRect
GetShellWindow
InvertRect
CopyRect
DrawIconEx
ClientToScreen
SetClipboardData
AdjustWindowRect
NotifyWinEvent
GetMonitorInfoW
UpdateWindow
GetSystemMenu
GetMenuState
DefFrameProcW
GetAsyncKeyState
SendDlgItemMessageA
GetMenuCheckMarkDimensions
BeginPaint
DrawFrameControl
ShowOwnedPopups
EnableScrollBar
LoadCursorW
PtInRect
RealChildWindowFromPoint
RegisterClassW
OpenClipboard
CreateWindowStationA
GetScrollRange
SetMenuItemBitmaps
GetMessagePos
SubtractRect
FillRect
GetClassInfoW
EnableMenuItem
PeekMessageW
SetWindowsHookExW
SetParent
CheckDlgButton
ReleaseCapture
TranslateMessage
IsChild
IsRectEmpty
DestroyMenu
SetCapture
IntersectRect
CopyAcceleratorTableW
GetIconInfo
IsIconic
GetWindowLongW
LoadBitmapW
SetCursor
TranslateAcceleratorW
SetMenuDefaultItem
HideCaret
GetProcessWindowStation
CharUpperW
GetWindowDC
GetClassInfoExW
ShowWindow
SetMenu
SetFocus
BringWindowToTop
PostMessageW
DefDlgProcW
CreateAcceleratorTableW
CreateDialogIndirectParamW
MonitorFromPoint
GetDC
MapWindowPoints
IsCharLowerW
MapDialogRect
MonitorFromWindow
LoadAcceleratorsW
SetWindowRgn
SetDlgItemTextW
GetMenuStringW
InflateRect
SetWindowTextW
KillTimer
UnregisterClassW
InsertMenuW
UnhookWindowsHookEx
SetPropW
GetClassNameW
GetMenuItemInfoW
EmptyClipboard
InvalidateRect
CopyImage
DefWindowProcW
IsWindowVisible
SetWindowPlacement
GetScrollPos
SetLayeredWindowAttributes
DrawFocusRect
GetDlgItem
TrackPopupMenu
DrawStateW
DefRawInputProc
WaitMessage
GetParent

gdi32

Ellipse
GetTextColor
SetRectRgn
SetROP2
BitBlt
GetObjectW
SelectPalette
GetStockObject
OffsetRgn
CreatePen
DeleteDC
ExtSelectClipRgn
CreateSolidBrush
DeleteObject
OffsetWindowOrgEx
DPtoLP
OffsetViewportOrgEx
Escape
GetPaletteEntries
GetTextMetricsW
CreateDIBitmap
GetObjectType
CreatePalette
ExtTextOutW
PtVisible
SetTextAlign
SetViewportOrgEx
SetWindowOrgEx
GetTextFaceW
CreateDCW
GetClipBox
ExtFloodFill
GetViewportOrgEx
EnumFontFamiliesExW
MoveToEx
Polyline
CreateHatchBrush
CreateRoundRectRgn
IntersectClipRect
FrameRgn
GetSystemPaletteEntries
GetRgnBox
CreatePolygonRgn
PatBlt
ScaleViewportExtEx
GetTextExtentPoint32W
CreateRectRgn
GetViewportExtEx
CreateRectRgnIndirect
CombineRgn
GetDeviceCaps
SetBkColor
SelectClipRgn
GetPixel
SetPolyFillMode
LPtoDP
CreateDIBSection
RoundRect
ScaleWindowExtEx
GetWindowExtEx
SetPixel
RealizePalette
CopyMetaFileW
ExcludeClipRect
CreatePatternBrush
TextOutW
CreateCompatibleBitmap
SetPixelV
Polygon
StretchBlt
LineTo
SetBkMode
GetWindowOrgEx
SetDIBColorTable
PtInRegion
GetBkColor
SelectObject
RestoreDC
CreateEllipticRgn
Rectangle
GetTextCharsetInfo
CreateBitmap
SetLayout
GetNearestPaletteIndex
RectVisible
SetMapMode
GetBoundsRect
SetViewportExtEx
CreateCompatibleDC
GetDIBits
SetPaletteEntries
EnumFontFamiliesW
SetWindowExtEx
SaveDC
FillRgn
GetLayout
CreateFontIndirectW
SetTextColor

msimg32

AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

CredUnprotectW
RegEnumKeyW
PerfSetCounterRefValue
RegQueryValueExW
EqualDomainSid
LookupAccountSidA
AdjustTokenPrivileges
RegCreateKeyExW
SetSecurityAccessMask
RegDeleteKeyW
RegCreateKeyA
GetCurrentHwProfileW
EventAccessQuery
OpenProcessToken
RegDeleteKeyValueA
RegDeleteValueW
LookupPrivilegeValueW
RegSetValueExW
FileEncryptionStatusW
ImpersonateNamedPipeClient
RegLoadMUIStringA
RegOpenKeyExW
ObjectDeleteAuditAlarmA
AddAccessAllowedAce
RegEnumValueW
RegQueryValueW
RegEnumKeyExW
PerfStartProvider
LookupPrivilegeDisplayNameW
RegCloseKey

shell32

DragFinish
DragQueryFileW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHGetMalloc
SHCreateDirectoryExA
SHGetDesktopFolder
FindExecutableA
ord174
ord3
ord98
SHBrowseForFolderW
ShellExecuteW
SHAppBarMessage

comctl32

InitCommonControlsEx

shlwapi

StrFormatByteSizeW
PathQuoteSpacesA
StrRetToBufW
StrFormatKBSizeW
PathCompactPathA
PathRemoveFileSpecW
ord10
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathRelativePathToA
SHDeleteEmptyKeyW
PathFindFileNameW
ord152
PathQuoteSpacesW
PathFindFileNameA
SHCopyKeyA

uxtheme

GetThemeColor
GetWindowTheme
GetThemeSysColor
DrawThemeText
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
CloseThemeData
OpenThemeData
GetCurrentThemeName
DrawThemeBackground
IsAppThemed
GetThemePartSize

ole32

CoCreateInstance
OleTranslateAccelerator
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoDisconnectObject
OleDestroyMenuDescriptor
OleGetClipboard
RevokeDragDrop
OleCreateMenuDescriptor
OleLockRunning
CoCreateGuid
CoInitialize
CoTaskMemFree
CreateStreamOnHGlobal
DoDragDrop
CoTaskMemAlloc
IsAccelerator
CoInitializeEx
RegisterDragDrop
CoInitializeSecurity
CoLockObjectExternal

oleaut32

VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
LoadTypeLi
SysStringLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysAllocString
SystemTimeToVariantTime

gdiplus

GdipGetImagePaletteSize
GdiplusStartup
GdipAlloc
GdipGetImageHeight
GdipBitmapUnlockBits
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImageWidth
GdiplusShutdown
GdipCreateBitmapFromScan0
GdipCreateFromHDC
GdipCloneImage
GdipDeleteGraphics
GdipSetInterpolationMode
GdipBitmapLockBits
GdipFree
GdipCreateBitmapFromStream
GdipDrawImageRectI
GdipDrawImageI
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipGetImageGraphicsContext

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.inhu
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hemjo
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10b0d3d9d1dc6858e3c75d3506a8c96d

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

ad:ad:63:06:d6:d7:5e:93:c1:d2:ff:17:2b:13:64:5f:2b:8c:a7:04:c4:55:c3:09:17:0b:09:2c:20:2b:9a:88Signer

d1:c5:08:e2:b3:89:75:27:7c:34:ef:96:ec:74:e5:8a:9a:cb:2f:3dSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.inhu Size: 1KB - Virtual size: 1KB

.hemjo Size: 4KB - Virtual size: 4KB

.rdata Size: 332KB - Virtual size: 332KB

.data Size: 21KB - Virtual size: 39KB

.rsrc Size: 184KB - Virtual size: 183KB

.reloc Size: 136KB - Virtual size: 136KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

ad:ad:63:06:d6:d7:5e:93:c1:d2:ff:17:2b:13:64:5f:2b:8c:a7:04:c4:55:c3:09:17:0b:09:2c:20:2b:9a:88
Signer

d1:c5:08:e2:b3:89:75:27:7c:34:ef:96:ec:74:e5:8a:9a:cb:2f:3d
Signer

.text
Size: 1.5MB - Virtual size: 1.5MB

.inhu
Size: 1KB - Virtual size: 1KB

.hemjo
Size: 4KB - Virtual size: 4KB

.rdata
Size: 332KB - Virtual size: 332KB

.data
Size: 21KB - Virtual size: 39KB

.rsrc
Size: 184KB - Virtual size: 183KB

.reloc
Size: 136KB - Virtual size: 136KB