4da0d2c4368743902b17fe68196dcf3a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4da0d2c4368743902b17fe68196dcf3a_JaffaCakes118
Size

340KB
MD5

4da0d2c4368743902b17fe68196dcf3a
SHA1

abef980638be1e3cf786037bb3b83f9b321c7da0
SHA256

e7dda18d6e292a28e1fdc42bbb09c958174b610b8ec5668797d751be4bce4ee5
SHA512

a47fc8883c931f3c1236429db4d9eb931ac7bb85e5f4b97bbae57fe9c8d396b291c69f8e3426280aa3feedfea1640f3bc2f9b707f509a3a8e1acec72de36d255
SSDEEP

3072:wvA1p08RqEQAIVEd2gG/vNlo0JFx/pANyCm0PQEKR/JnXHWP:w206xWgGxLxWN40PDKR/JnX2P

Score

1^/10

Malware Config

Signatures

Files

4da0d2c4368743902b17fe68196dcf3a_JaffaCakes118
.dll windows:3 windows x86 arch:x86

de3ae5fdd8a570c86ac164493e1298ec

Code Sign

70:9d:54:7a:2f:09:d3:9c:4c:23:34:98:3f:2c:bf:50
Certificate

Issuer

CN=BMUZVYUGWSQWLAIISX

Not Before

21-01-2021 22:35

Not After

31-12-2039 23:59

Subject

CN=BMUZVYUGWSQWLAIISX

Extended Key Usages

ExtKeyUsageCodeSigning

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-10-2020 00:00

Not After

22-01-2032 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5a:dc:d4:49:e6:d9:f0:9b:51:bc:85:ef:9c:20:e9:d2:b4:8b:6f:dd
Signer

Actual PE Digest

5a:dc:d4:49:e6:d9:f0:9b:51:bc:85:ef:9c:20:e9:d2:b4:8b:6f:dd

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
LoadLibraryA
GetProcAddress
GetLastError

user32

LoadCursorA
DrawMenuBar
wsprintfW
PostMessageA
EnumChildWindows
SendMessageTimeoutA
GetWindowTextA
EnumWindows
SendMessageA
wsprintfA
GetClassNameA

gdi32

AddFontResourceW
RealizePalette
CreateMetaFileW

advapi32

RegOpenKeyA
GetUserNameA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 87B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text4
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text8
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text7
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text6
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de3ae5fdd8a570c86ac164493e1298ec

Code Sign

70:9d:54:7a:2f:09:d3:9c:4c:23:34:98:3f:2c:bf:50Certificate

Extended Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

5a:dc:d4:49:e6:d9:f0:9b:51:bc:85:ef:9c:20:e9:d2:b4:8b:6f:ddSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 512B - Virtual size: 87B

.data Size: 1024B - Virtual size: 1KB

.text4 Size: 315KB - Virtual size: 315KB

.text8 Size: 512B - Virtual size: 100B

.text7 Size: 512B - Virtual size: 100B

.text6 Size: 512B - Virtual size: 100B

.text5 Size: 512B - Virtual size: 100B

.reloc Size: 1024B - Virtual size: 992B

70:9d:54:7a:2f:09:d3:9c:4c:23:34:98:3f:2c:bf:50
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

5a:dc:d4:49:e6:d9:f0:9b:51:bc:85:ef:9c:20:e9:d2:b4:8b:6f:dd
Signer

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 512B - Virtual size: 87B

.data
Size: 1024B - Virtual size: 1KB

.text4
Size: 315KB - Virtual size: 315KB

.text8
Size: 512B - Virtual size: 100B

.text7
Size: 512B - Virtual size: 100B

.text6
Size: 512B - Virtual size: 100B

.text5
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 992B