834ef7a94a4e9a8214ee166cdc951b73_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

834ef7a94a4e9a8214ee166cdc951b73_JaffaCakes118
Size

8.1MB
MD5

834ef7a94a4e9a8214ee166cdc951b73
SHA1

db0fb5fd166cee7cb29a0b7a5e7fc66750f66964
SHA256

1aeacc523a003819117b4d1935e47205bb8cd102f482341e960a9df362f3a0cb
SHA512

31057f67c0ace6ce05faa0a5a76dbbc481ba1a7aa1770dafa18f4954457d90bf2082c0f407d3cd7fb4055533ad44f7eb3080d762397a94f8f052031e239672f4
SSDEEP

12288:tJ7o8Zpw7t7E7p7x737x7L7T7B757p7Z7L7b7T7R7v7R7p7Z757H7T7R7v7Z7B7T:Zx

Score

1^/10

Malware Config

Signatures

Files

834ef7a94a4e9a8214ee166cdc951b73_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c74ffe952a4d05bf5aaa8e309e880b71

Code Sign

09:1b:fa:ff:18:00:40:79:b2:60:23:68:b9:70:b8:69
Certificate

Issuer

CN=PECGOSXVNOLVTBNPKR

Not Before

27/09/2020, 16:40

Not After

31/12/2039, 23:59

Subject

CN=PECGOSXVNOLVTBNPKR

Extended Key Usages

ExtKeyUsageCodeSigning

1c:1a:1e:6c:b2:62:d6:9a:d7:ad:b9:80:6e:51:f2:cf:4d:a4:2f:fc
Signer

Actual PE Digest

1c:1a:1e:6c:b2:62:d6:9a:d7:ad:b9:80:6e:51:f2:cf:4d:a4:2f:fc

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
VirtualAlloc
GetModuleHandleW
GetSystemInfo
LoadResource
LockResource
SizeofResource
FindResourceW
LocalAlloc
FormatMessageW
lstrlenW
SwitchToThread
FreeLibrary
LoadLibraryW
GetProcessTimes
GetCurrentThreadId
VirtualQuery
GetLocaleInfoW
GetUserDefaultUILanguage
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetProcessId
GetModuleFileNameW
SetEnvironmentVariableW
FreeResource
GetEnvironmentVariableW
GetSystemTimeAsFileTime
SetThreadLocale
SetThreadUILanguage
LoadLibraryExW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
FindResourceExW
CreateProcessW
GetCurrentProcessId
SetLastError
GetTempPathW
SetFileAttributesW
GetLongPathNameW
GetFileAttributesW
LocalFree
GetCommandLineW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
RaiseException
DecodePointer
FileTimeToSystemTime
FileTimeToDosDateTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetSystemTime
GetFileSize
GetFileInformationByHandle
SystemTimeToFileTime
GetCurrentProcess
DuplicateHandle
SetFilePointer
GetFileType
CreateDirectoryW
GetCurrentDirectoryW
FindNextFileW
FindClose
FindFirstFileW
GetThreadLocale
GetACP
WideCharToMultiByte
GetTimeZoneInformation
GetProcAddress
GetTickCount
GetLocalTime
OpenProcess
TerminateProcess
CreateEventW
SetEvent
InitializeCriticalSectionAndSpinCount
GetOverlappedResult
WriteFile
ReadFile
CreateFileW
MultiByteToWideChar
ResumeThread
OpenThread
WaitForSingleObject
CloseHandle
Sleep
OutputDebugStringW
FormatMessageA

user32

GetMenuContextHelpId
GetWindowTextLengthA
CloseClipboard
GetActiveWindow
DrawMenuBar
OpenIcon
SystemParametersInfoW
OffsetRect
GetSysColor
SetCursor
RedrawWindow
InvalidateRect
UpdateWindow
KillTimer
SetTimer
FillRect
GetWindowRect
GetClientRect
CopyImage
LoadImageW
DestroyIcon
LoadBitmapW
GetParent
ReleaseDC
GetDC
IsWindow
MessageBoxW
RegisterWindowMessageW
PostMessageW
LoadIconW
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
EnableWindow
SendMessageW

gdi32

GetBkColor
GetEnhMetaFileA
DeleteColorSpace
GetStockObject

advapi32

RegOpenKeyW
RegQueryValueExA
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW

ole32

CoInitialize
CoCreateInstance
StringFromGUID2
CoCreateGuid
CoUninitialize
CoInitializeEx
OleUninitialize
OleInitialize
CLSIDFromString

shlwapi

PathCanonicalizeW
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathIsDirectoryW
PathIsRelativeW

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8.0MB - Virtual size: 8.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c74ffe952a4d05bf5aaa8e309e880b71

Code Sign

09:1b:fa:ff:18:00:40:79:b2:60:23:68:b9:70:b8:69Certificate

Extended Key Usages

1c:1a:1e:6c:b2:62:d6:9a:d7:ad:b9:80:6e:51:f2:cf:4d:a4:2f:fcSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

shlwapi

Sections

.text Size: 59KB - Virtual size: 58KB

.data Size: 8.0MB - Virtual size: 8.0MB

.rsrc Size: 51KB - Virtual size: 50KB

09:1b:fa:ff:18:00:40:79:b2:60:23:68:b9:70:b8:69
Certificate

1c:1a:1e:6c:b2:62:d6:9a:d7:ad:b9:80:6e:51:f2:cf:4d:a4:2f:fc
Signer

.text
Size: 59KB - Virtual size: 58KB

.data
Size: 8.0MB - Virtual size: 8.0MB

.rsrc
Size: 51KB - Virtual size: 50KB