4d5fab7fea7faedb28daee4bceb224e8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4d5fab7fea7faedb28daee4bceb224e8_JaffaCakes118
Size

289KB
MD5

4d5fab7fea7faedb28daee4bceb224e8
SHA1

75647d162f986b5c81e93b057964934d7176aaea
SHA256

b4f28e7a94681a99224b3893ccb2845e68e02fde69528dcacb9dc36625827a94
SHA512

cef54aced4d56bba316441f91aa83b29e163e42373b13cfcdf6fec499981f3dc2a8cd3a00cf89969d3f1f97fa0e0a3e44a3857c5f0b2cbbe455d7cd1eea79c6e
SSDEEP

6144:YRZdbVzesV3nYkM3YdFx7xN3NthPtVrhtt3lhXh/p1rZJjtPQKw0oDOTKl8tqK:YRZT/YLIdFx7xN3NthPtVrhtt3lhXh/X

Score

1^/10

Malware Config

Signatures

Files

4d5fab7fea7faedb28daee4bceb224e8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e73399842c8dc326e2dbe01be8c70edb

Code Sign

0a:7b:f6:0c:46:17:12:a4:47:72:e5:53:57:86:c5:d2
Certificate

Issuer

CN=CNXJPNOU

Not Before

06/03/2019, 21:48

Not After

31/12/2039, 23:59

Subject

CN=CNXJPNOU

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31/12/2015, 00:00

Not After

09/07/2019, 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

34:95:bc:62:50:75:c9:08:37:85:95:64:db:bc:a8:8f:08:f3:37:16:97:2c:f9:48:06:d5:9e:32:f2:ff:d1:bd
Signer

Actual PE Digest

34:95:bc:62:50:75:c9:08:37:85:95:64:db:bc:a8:8f:08:f3:37:16:97:2c:f9:48:06:d5:9e:32:f2:ff:d1:bd

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
GetStringTypeW
GetSystemDirectoryW
GetSystemTime
GetTempFileNameW
GetTempPathW
GetTickCount
GetVersion
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitAtomTable
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LockFile
LockResource
MoveFileW
MulDiv
MultiByteToWideChar
OpenFileMappingA
OpenProcess
OutputDebugStringA
PeekNamedPipe
Process32FirstW
QueryDosDeviceW
QueryPerformanceCounter
GetStdHandle
RaiseException
ReadFile
ReleaseSemaphore
RemoveDirectoryA
RemoveDirectoryW
RtlUnwind
SearchPathW
SetCalendarInfoA
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringW
WriteProfileSectionA
_llseek
lstrcatW
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrcpyW
lstrcpynA
lstrcpynW
lstrlenA
lstrlenW
GetStartupInfoA
GetShortPathNameW
GetProcessHeap
GetProcAddress
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFileType
GetFileSize
GetFileAttributesW
GetExitCodeProcess
GetEnvironmentStringsW
GetEnvironmentStrings
GetDiskFreeSpaceW
GetDateFormatA
GetCurrentThreadId
GetCurrentProcess
GetCurrentDirectoryA
GetConsoleOutputCP
GetConsoleMode
GetConsoleCursorInfo
GetConsoleCP
GetCommandLineW
GetCommandLineA
GetCPInfo
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushViewOfFile
FlushFileBuffers
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
FillConsoleOutputCharacterW
FatalAppExitW
ExpandEnvironmentStringsW
ExitProcess
EnterCriticalSection
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateTimerQueueTimer
CreateThread
CreateProcessW
CreateFileW
CreateFileA
CreateDirectoryW
CreateDirectoryA
CopyFileW
ConvertThreadToFiber
CompareFileTime
CloseHandle
VirtualAlloc
QueryPerformanceFrequency
GetModuleHandleA

user32

TranslateAcceleratorW
TranslateMessage
UpdateWindow
WinHelpW
wsprintfW
SetWindowTextA
SetWindowPos
SetTimer
SetRect
SetMenu
SetFocus
SetDlgItemTextW
SetDlgItemTextA
SetDlgItemInt
SetCapture
SendMessageW
ReleaseDC
ReleaseCapture
RegisterClassW
PtInRect
PostQuitMessage
PostMessageW
PostMessageA
PeekMessageW
PeekMessageA
MoveWindow
MessageBoxW
MessageBoxA
MapWindowPoints
LoadStringW
LoadMenuW
LoadIconW
LoadCursorW
LoadAcceleratorsW
KillTimer
IsDialogMessageA
InvalidateRect
GetSystemMetrics
GetMessageW
GetMessageA
GetMenuItemRect
GetDlgItemTextW
GetDlgItemInt
GetDlgItem
GetDesktopWindow
GetDC
EndPaint
EndDialog
EnableWindow
DispatchMessageW
DispatchMessageA
DialogBoxParamW
DestroyWindow
DefWindowProcW
CreateWindowExW
CreateDialogParamA
CheckMenuItem
BeginPaint
GetThreadDesktop
CreateMenu
ShowCaret
GetQueueStatus
GetTopWindow
GetMessagePos
LoadIconA
ShowWindow

gdi32

GdiDeleteSpoolFileHandle
GdiGetPageCount
GdiGetSpoolMessage
GdiIsPlayMetafileDC
GdiSetLastError
GetBkColor
GetCharWidth32W
GetCharWidthI
GetDCOrgEx
GetDeviceCaps
GetDeviceGammaRamp
GetGlyphIndicesW
GetKerningPairs
GetKerningPairsA
GetMetaFileBitsEx
EngQueryLocalTime
GetTextAlign
GetTransform
GetWorldTransform
MoveToEx
PlayEnhMetaFileRecord
SelectObject
SetBkColor
SetBkMode
SetBoundsRect
SetDIBitsToDevice
SetPixel
SetTextColor
StretchDIBits
XFORMOBJ_iGetXform
EngFindResource
DeleteDC
CreatePen
CreateMetaFileW
CreateFontIndirectW
CreateEnhMetaFileW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
BitBlt
AbortDoc
CreateSolidBrush
DeleteObject
GetStockObject
CreateHalftonePalette

advapi32

RegDeleteValueA
RegSetValueExW
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegQueryValueExW
RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
RegOpenKeyA

ole32

CoTaskMemFree
CoUninitialize
CLSIDFromString
CoInitialize
CoCreateInstance

comctl32

InitCommonControlsEx

Sections

.text
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e73399842c8dc326e2dbe01be8c70edb

Code Sign

0a:7b:f6:0c:46:17:12:a4:47:72:e5:53:57:86:c5:d2Certificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

34:95:bc:62:50:75:c9:08:37:85:95:64:db:bc:a8:8f:08:f3:37:16:97:2c:f9:48:06:d5:9e:32:f2:ff:d1:bdSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

comctl32

Sections

.text Size: 189KB - Virtual size: 188KB

.rdata Size: 59KB - Virtual size: 58KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 34KB - Virtual size: 33KB

0a:7b:f6:0c:46:17:12:a4:47:72:e5:53:57:86:c5:d2
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

34:95:bc:62:50:75:c9:08:37:85:95:64:db:bc:a8:8f:08:f3:37:16:97:2c:f9:48:06:d5:9e:32:f2:ff:d1:bd
Signer

.text
Size: 189KB - Virtual size: 188KB

.rdata
Size: 59KB - Virtual size: 58KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 34KB - Virtual size: 33KB