40b17d4ca83f079cf6b2b09d7a7fd839_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

40b17d4ca83f079cf6b2b09d7a7fd839_JaffaCakes118
Size

385KB
MD5

40b17d4ca83f079cf6b2b09d7a7fd839
SHA1

090e82a47b32dc94d71d4c84a3a76d2480589b00
SHA256

85ef348d39610c1d5f58e2524c0e929ec815a9fbe1f5924cdef7a0c05e58e5ad
SHA512

c5af8f6ae345f453442a3bbe8189c42ad3c7d4d89231607f78a1b6f24173679e38ac08d26294f46de98358b0aa560f33be5708becd2a632f6657c9bbbbc0d995
SSDEEP

6144:HF5dJ89Rl3FtuK0cuVxtIIOxK6xOMjKBxMkUcYBMcoPRxDu3fXtjpamF:HFp4Rl36KNoxwxNmBWcYBhdlpF

Score

1^/10

Malware Config

Signatures

Files

40b17d4ca83f079cf6b2b09d7a7fd839_JaffaCakes118
.exe windows:6 windows x64 arch:x64

274676f64ec63375a7825a17a44cba07

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:14:b6:11:a4:4a:1b:ae:0e:8c:75:81:65:18:45:b6
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17-09-2020 00:00

Not After

07-07-2021 12:00

Subject

SERIALNUMBER=0000783996,CN=NEEDCODE SP Z O O,O=NEEDCODE SP Z O O,L=KRAKÓW,C=PL,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302504c

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18-04-2012 12:00

Not After

18-04-2027 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b9:f3:97:4a:7e:00:ac:97:fb:80:c1:5e:9c:57:e1:88:26:cc:dd:1b
Signer

Actual PE Digest

b9:f3:97:4a:7e:00:ac:97:fb:80:c1:5e:9c:57:e1:88:26:cc:dd:1b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

comctl32

CreateStatusWindowW
InitCommonControlsEx

kernel32

SizeofResource
FindResourceW
lstrcmpiW
FindResourceA
MultiByteToWideChar
WriteConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetFilePointerEx
GetStringTypeW
SetStdHandle
LCMapStringW
FreeEnvironmentStringsW
LoadResource
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileType
HeapReAlloc
HeapSize
GetStdHandle
GetModuleHandleExW
ExitProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlPcToFileHeader
RtlUnwindEx
GetSystemTimeAsFileTime
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
VirtualAlloc
GetCurrentThreadId
LeaveCriticalSection
SetLastError
EnterCriticalSection
CloseHandle
WriteFile
GetEnvironmentStringsW
GetFileSize
CreateFileW
LoadLibraryW
FreeLibrary
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
DecodePointer
ReadFile
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LoadLibraryExA
VirtualFree
FlushInstructionCache
GetCurrentProcess
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetProcessHeap
HeapFree
HeapAlloc
EncodePointer
IsDebuggerPresent
OutputDebugStringW

user32

SendMessageW
DefWindowProcW
CallWindowProcW
UnregisterClassW
CreateWindowExW
IsWindow
BeginPaint
EndPaint
LoadIconW
LoadCursorW
GetWindowLongW
InflateRect
SetRect
SetCursor
MessageBoxW
GetWindowRect
GetClientRect
SetWindowTextW
ReleaseDC
GetDC
UpdateWindow
InsertMenuItemW
DeleteMenu
GetSubMenu
DestroyMenu
LoadMenuW
CharNextW
SetWindowPos
ShowWindow
GetClassInfoExW
RegisterClassExW
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
SetWindowLongPtrW
GetWindowLongPtrW
IsRectEmpty
OffsetRect
IntersectRect
SetRectEmpty
FillRect
InvalidateRect
GetUpdateRect

gdi32

SelectObject
Rectangle
LineTo
GetStockObject
GetClipBox
DeleteObject
CreatePen
MoveToEx

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
CryptAcquireContextA
RegDeleteValueW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance
CoCreateGuid
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2

oleaut32

DispCallFunc
VarUI4FromStr
VariantClear
VariantInit
SafeArrayCreateVector
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayDestroy
SysStringLen
SysAllocStringLen
SysAllocString
SysFreeString

Exports

Exports

SDqwsgrfTRRADQDSwatuHdfCxv

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 199KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

274676f64ec63375a7825a17a44cba07

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate

Key Usages

0c:14:b6:11:a4:4a:1b:ae:0e:8c:75:81:65:18:45:b6Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

b9:f3:97:4a:7e:00:ac:97:fb:80:c1:5e:9c:57:e1:88:26:cc:dd:1bSigner

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 110KB - Virtual size: 110KB

.rdata Size: 55KB - Virtual size: 55KB

.data Size: 5KB - Virtual size: 9KB

.pdata Size: 6KB - Virtual size: 6KB

_RDATA Size: 512B - Virtual size: 148B

.rsrc Size: 199KB - Virtual size: 198KB

.reloc Size: 2KB - Virtual size: 1KB

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

0c:14:b6:11:a4:4a:1b:ae:0e:8c:75:81:65:18:45:b6
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

b9:f3:97:4a:7e:00:ac:97:fb:80:c1:5e:9c:57:e1:88:26:cc:dd:1b
Signer

.text
Size: 110KB - Virtual size: 110KB

.rdata
Size: 55KB - Virtual size: 55KB

.data
Size: 5KB - Virtual size: 9KB

.pdata
Size: 6KB - Virtual size: 6KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 199KB - Virtual size: 198KB

.reloc
Size: 2KB - Virtual size: 1KB