4104a7da572ae06eb42b3fdc5a262997_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4104a7da572ae06eb42b3fdc5a262997_JaffaCakes118
Size

262KB
MD5

4104a7da572ae06eb42b3fdc5a262997
SHA1

bf15e48f700f01a8b2c1324249da1879e2378615
SHA256

00eddd138e5dd922674389cfa97a1f083f37fb8436d0bc7da22bb16e79efca9d
SHA512

d86caf58fa085c8314272fcb70c5cdf16d9ae4d90645b0c5820166cbb3f1684ae3ec18e4016b1aa0871e3000fe2e8f2c4a73e11eeb6a29deec2ab50bf7de77d8
SSDEEP

6144:aDnegNjNelXOcLG564MMaVdpb2X5kVIXPe7gLSA3Ne9F:aLegNj4OcLG564MMarq5kVIXPeye9F

Score

1^/10

Malware Config

Signatures

Files

4104a7da572ae06eb42b3fdc5a262997_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7e650495ed1264a4f5b7ae76164c0b03

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2c:01:58:55:22:e8:fa:61:13:8a:ef:a4:f6:27:ee:a8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02-03-2010 00:00

Not After

02-03-2011 23:59

Subject

CN=Comodo Security Solutions\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Comodo Security Solutions\, Inc.,L=Jersey City,ST=New Jersey,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3f:bc:f7:4e:b3:f9:fd:0e:3e:71:80:00:32:81:98:67:a8:5e:ad:22
Signer

Actual PE Digest

3f:bc:f7:4e:b3:f9:fd:0e:3e:71:80:00:32:81:98:67:a8:5e:ad:22

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
CreateNamedPipeW
GetLongPathNameW
GetModuleHandleA
lstrlenA
GetAtomNameA
SystemTimeToFileTime
LocalAlloc
IsBadStringPtrW
lstrlen
MultiByteToWideChar
GetSystemDefaultLCID
GetNumberFormatW
GetProcAddress
GetModuleHandleW
lstrcmp
Sleep
GetSystemInfo
lstrcatA
lstrcatW
lstrcpyn
lstrcat
LoadLibraryA
LoadLibraryA
GetFileAttributesA
QueryPerformanceFrequency
ReplaceFileA
HeapCreate
GetLogicalDriveStringsW
GetDiskFreeSpaceA
EnumDateFormatsA
EnumCalendarInfoW
GetSystemDirectoryA
CompareFileTime
EnumDateFormatsW
GlobalFindAtomW
GlobalFindAtomA
Beep
CopyFileA
GlobalGetAtomNameA
GetSystemTime
SetUnhandledExceptionFilter
SetLocaleInfoW
LocalFree
OpenSemaphoreW
IsValidLocale
ExitProcess
MulDiv
IsBadCodePtr
GetVersionExW
GetLongPathNameA
BeginUpdateResourceA
CopyFileExW
SearchPathW
GlobalGetAtomNameW
GlobalAlloc
OpenMutexW
CreateEventA
CreateEventW
ExpandEnvironmentStringsA
FindAtomA
lstrcmpA
OpenFile
FileTimeToLocalFileTime
RaiseException
GetExpandedNameW
GetComputerNameA
EnumCalendarInfoA
SetCalendarInfoW
CreateMutexW
SleepEx
TlsAlloc
FreeLibrary
GetThreadLocale
SetCurrentDirectoryW

user32

LoadBitmapA
DestroyIcon
OpenClipboard
CreateWindowExA
GetFocus
CharUpperA
GetCapture
AppendMenuW
SetParent
SetForegroundWindow
SetTimer
DialogBoxParamA
TrackPopupMenu
GetMessageA
WinHelpA
GetCapture
SetDlgItemTextW
AdjustWindowRect
UnregisterClassW
GetMenuItemID
GetKeyboardType
CreateWindowExW
RegisterWindowMessageW
GetMenuState
IsDlgButtonChecked
WaitForInputIdle
SetCursorPos
CharLowerW
DialogBoxParamW
InsertMenuItemA
TrackPopupMenuEx
FindWindowA
MessageBeep
GetMessageW
GetIconInfo
CharLowerA
LoadMenuIndirectW
LoadMenuIndirectA
GetMenuItemRect
GetDlgItemInt
LoadIconW
EmptyClipboard
GetMenuInfo
SetFocus
GetClassInfoA
DestroyMenu
UpdateLayeredWindow
MonitorFromRect
SetWindowPos
PostMessageA
GetDlgItemTextA
UnregisterClassA
DefWindowProcW
WaitMessage
GetAsyncKeyState
SendDlgItemMessageA
RegisterClassExA
CharPrevA
SetCapture
SetDlgItemTextA
InsertMenuItemW
CreateMenu
MessageBoxIndirectA
keybd_event
LoadImageA
InvalidateRect
PeekMessageA
ShowWindow
SetDlgItemInt
MoveWindow
CreateDialogIndirectParamA
ActivateKeyboardLayout
CreateDialogParamA
CheckMenuItem
CreateDesktopW
SetCursor
OffsetRect
GetClassInfoExW
IsChild
GetActiveWindow
AppendMenuA
EnumClipboardFormats
GetMenu
GetCaretPos
ShowCaret
LoadCursorA
LoadMenuW
LoadImageW
PostMessageW
EnumWindows
mouse_event
GetSystemMetrics
IsWindow
MessageBoxIndirectW
CreateDesktopA
LoadCursorW
ShowCursor
RegisterWindowMessageA
RemoveMenu
RegisterClassA
InsertMenuA
SetWindowTextW
CharUpperW
PostQuitMessage
GetDCEx

gdi32

GetMetaFileA
CreateScalableFontResourceA
GetTextExtentPointW
GetEnhMetaFilePixelFormat
CreateFontIndirectExW
CreateScalableFontResourceW
CreateICA
CreateBrushIndirect
CreateDIBPatternBrush
RemoveFontResourceExA
CreateCompatibleDC
CreateSolidBrush
CreateRoundRectRgn
CreateDIBSection
CreateBitmapIndirect
DeleteObject
RemoveFontResourceExW
AddFontResourceA
GetRasterizerCaps
GetMetaFileW
TranslateCharsetInfo
CreateEllipticRgn
CreateHatchBrush
CreateBitmap
CreateFontIndirectA
CreateRectRgn
CreateFontA
CreateFontW
CreatePatternBrush
GetEnhMetaFileW
AddFontResourceW

advapi32

SetPrivateObjectSecurity
ElfRegisterEventSourceW
SetInformationCodeAuthzPolicyW
RegCreateKeyA
CreatePrivateObjectSecurityEx
DeleteAce
ConvertSecurityDescriptorToStringSecurityDescriptorW
RegEnumValueA
SystemFunction025
ConvertStringSDToSDRootDomainW
QueryAllTracesA
UpdateTraceA
WmiQuerySingleInstanceA

shell32

SHGetDataFromIDListW
StrCmpNIW
SHGetDesktopFolder
ExtractAssociatedIconExW
StrChrA

comctl32

ImageList_LoadImageA
CreateUpDownControl
ImageList_Read
ImageList_GetImageRect
InitializeFlatSB
ImageList_SetIconSize
ImageList_Destroy
DrawInsert
DrawStatusTextW
ImageList_LoadImage
DrawStatusTextA

ole32

StringFromCLSID
CoGetInstanceFromFile
CreateFileMoniker
CoCreateInstanceEx

setupapi

pSetupIsGuidNull

version

VerQueryValueA
GetFileVersionInfoSizeW
VerLanguageNameW
VerFindFileA
GetFileVersionInfoA

ws2_32

WSAGetLastError
WSACloseEvent
htonl
WSAStartup
getservbyname
getprotobynumber
recv
getpeername
WSADuplicateSocketA
WSAEnumProtocolsW
WSAEnumNetworkEvents
connect
gethostname
bind
sendto
getsockname
WSARecv
shutdown
WSACleanup

wininet

FtpCreateDirectoryA
FtpGetCurrentDirectoryW
DllInstall
FtpDeleteFileA
SetUrlCacheGroupAttributeA
InternetGetConnectedState
CreateUrlCacheContainerA
DeleteUrlCacheContainerW
InternetGoOnlineW
InternetHangUp
UnlockUrlCacheEntryStream
FindNextUrlCacheEntryExA
PrivacyGetZonePreferenceW
GetUrlCacheEntryInfoA
FindFirstUrlCacheContainerW
DetectAutoProxyUrl
HttpSendRequestExW

hid

HidD_Hello
HidD_GetFeature

sqlunirl

_CreateDesktop_@24
_EnumWindowStations_@8
_FindResourceEx_@16
_CreateColorSpace_@4
_GetCharABCWidths_@16
_NDdeIsValidAppTopicList_@4
_ReportEvent_@36
_GetBinaryType_@8
_MessageBoxIndirect_@4
_GetProfileString_@20
_SHGetPathFromIDList_@8
_GetClassName_@12
_GetLocaleInfo_@16
_GetPrivateProfileInt_@16
_UnregisterClass_@8
_FatalAppExit_@8
_RegisterClipboardFormat_@4
_DragQueryFile_@16
_GetEnvironmentStrings_@4
_IsCharAlpha_@4
_StartService_@12
_DeviceCapabilities_@20

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 3KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e650495ed1264a4f5b7ae76164c0b03

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

2c:01:58:55:22:e8:fa:61:13:8a:ef:a4:f6:27:ee:a8Certificate

Extended Key Usages

Key Usages

3f:bc:f7:4e:b3:f9:fd:0e:3e:71:80:00:32:81:98:67:a8:5e:ad:22Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

ole32

setupapi

version

ws2_32

wininet

hid

sqlunirl

Sections

.text Size: 12KB - Virtual size: 12KB

.edata Size: 107KB - Virtual size: 106KB

.edata Size: 3KB - Virtual size: 305KB

.rdata Size: 9KB - Virtual size: 24KB

.data Size: 8KB - Virtual size: 300KB

.edata Size: 107KB - Virtual size: 107KB

.rsrc Size: 8KB - Virtual size: 8KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

2c:01:58:55:22:e8:fa:61:13:8a:ef:a4:f6:27:ee:a8
Certificate

3f:bc:f7:4e:b3:f9:fd:0e:3e:71:80:00:32:81:98:67:a8:5e:ad:22
Signer

.text
Size: 12KB - Virtual size: 12KB

.edata
Size: 107KB - Virtual size: 106KB

.edata
Size: 3KB - Virtual size: 305KB

.rdata
Size: 9KB - Virtual size: 24KB

.data
Size: 8KB - Virtual size: 300KB

.edata
Size: 107KB - Virtual size: 107KB

.rsrc
Size: 8KB - Virtual size: 8KB