4a880a2b3869c0609b9de082527eb1cf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4a880a2b3869c0609b9de082527eb1cf_JaffaCakes118
Size

330KB
MD5

4a880a2b3869c0609b9de082527eb1cf
SHA1

006840b1bc670592a6cd0e1510830c11d24e1a13
SHA256

0a3ebc13e700e19b45d935e0ad9a6fc55a1b68455793b97353f31f47cf7e9ee7
SHA512

92a548839f3ae010696a0b374acb6136d872f6221e682974c7ebb57372fd971348bf53439548608c38b705ac0f43ae94357946555b0ffd6ba04d64c234632299
SSDEEP

3072:9Rq1sFAd2gQ5PmBvNZwnnq1gn2RvoXiDzAYgrO1v2F5j8eFu:3q1sFAwgwmBv3wnIgG4oAYxvU54eu

Score

1^/10

Malware Config

Signatures

Files

4a880a2b3869c0609b9de082527eb1cf_JaffaCakes118
.dll windows:3 windows x86 arch:x86

de3ae5fdd8a570c86ac164493e1298ec

Code Sign

70:9d:54:7a:2f:09:d3:9c:4c:23:34:98:3f:2c:bf:50
Certificate

Issuer

CN=BMUZVYUGWSQWLAIISX

Not Before

21/01/2021, 22:35

Not After

31/12/2039, 23:59

Subject

CN=BMUZVYUGWSQWLAIISX

Extended Key Usages

ExtKeyUsageCodeSigning

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

74:88:51:f6:11:92:af:6c:2c:a7:4c:33:ab:4f:44:93:9e:75:9c:1b
Signer

Actual PE Digest

74:88:51:f6:11:92:af:6c:2c:a7:4c:33:ab:4f:44:93:9e:75:9c:1b

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
LoadLibraryA
GetProcAddress
GetLastError

user32

LoadCursorA
DrawMenuBar
wsprintfW
PostMessageA
EnumChildWindows
SendMessageTimeoutA
GetWindowTextA
EnumWindows
SendMessageA
wsprintfA
GetClassNameA

gdi32

AddFontResourceW
RealizePalette
CreateMetaFileW

advapi32

RegOpenKeyA
GetUserNameA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 87B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text4
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text8
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text7
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text6
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de3ae5fdd8a570c86ac164493e1298ec

Code Sign

70:9d:54:7a:2f:09:d3:9c:4c:23:34:98:3f:2c:bf:50Certificate

Extended Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

74:88:51:f6:11:92:af:6c:2c:a7:4c:33:ab:4f:44:93:9e:75:9c:1bSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 512B - Virtual size: 87B

.data Size: 1024B - Virtual size: 1KB

.text4 Size: 305KB - Virtual size: 305KB

.text8 Size: 512B - Virtual size: 100B

.text7 Size: 512B - Virtual size: 100B

.text6 Size: 512B - Virtual size: 100B

.text5 Size: 512B - Virtual size: 100B

.reloc Size: 1024B - Virtual size: 992B

70:9d:54:7a:2f:09:d3:9c:4c:23:34:98:3f:2c:bf:50
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

74:88:51:f6:11:92:af:6c:2c:a7:4c:33:ab:4f:44:93:9e:75:9c:1b
Signer

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 512B - Virtual size: 87B

.data
Size: 1024B - Virtual size: 1KB

.text4
Size: 305KB - Virtual size: 305KB

.text8
Size: 512B - Virtual size: 100B

.text7
Size: 512B - Virtual size: 100B

.text6
Size: 512B - Virtual size: 100B

.text5
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 992B