854476cd8c6c3990ba82ded08f82b834_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

854476cd8c6c3990ba82ded08f82b834_JaffaCakes118
Size

182KB
MD5

854476cd8c6c3990ba82ded08f82b834
SHA1

dec0293944bb9a607d44df5e28973317cdf4a418
SHA256

d37453e050f16b3a052075884afdb82cae5d1d994495d4049f42385a5a813a47
SHA512

b155bf88b72c92a8e900820262af27a633d124c54e31ad11837c189bd3ac0a10e90dbe97c1be65f02887d64f9e4bcd03e1cceab168f7db9b9a3f3a6794cf23bb
SSDEEP

3072:5nTOMamU9xBiUK/q3hVMgXQAkEfC3C2G5O8FT7QFhfxbXxgCzXtT:5nTOMJU9xA5q3vMgA1EfkCfU8FTYXxZx

Score

1^/10

Malware Config

Signatures

Files

854476cd8c6c3990ba82ded08f82b834_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baf91d5218ce322195050211c670b44f

Code Sign

4a:4d:1c:c7:c4:c4:e7:62:bd:28:4a:e9:f7:7e:28:db
Certificate

Issuer

CN=AYCOQUTNMQLILKGCSQ

Not Before

31/05/2019, 12:43

Not After

31/12/2039, 23:59

Subject

CN=AYCOQUTNMQLILKGCSQ

Extended Key Usages

ExtKeyUsageCodeSigning

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

b0:1a:c4:a9:52:5e:f6:11:e7:de:05:73:7c:4d:61:21:81:0c:6b:86
Signer

Actual PE Digest

b0:1a:c4:a9:52:5e:f6:11:e7:de:05:73:7c:4d:61:21:81:0c:6b:86

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
GetModuleHandleW
CreateProcessW
OpenMutexW
GetFileAttributesW
CreateDirectoryW
CreateFileW
WaitNamedPipeW
WriteFile
GlobalAddAtomW
GlobalGetAtomNameW
GlobalDeleteAtom
GetUserDefaultUILanguage
FindFirstFileW
FindClose
FindNextFileW
CreateFileMappingW
GetFileSizeEx
MapViewOfFile
UnmapViewOfFile
WideCharToMultiByte
GetNativeSystemInfo
FindCloseChangeNotification
FindNextChangeNotification
OutputDebugStringW
SetLastError
ReleaseMutex
CreateMutexW
ProcessIdToSessionId
SetEnvironmentVariableA
ReadConsoleW
ReadFile
SetEndOfFile
SetStdHandle
SetFilePointerEx
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetConsoleMode
GetConsoleCP
LocalFree
GetTimeZoneInformation
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
UnhandledExceptionFilter
RtlCaptureContext
HeapReAlloc
HeapSize
ExitProcess
GetCommandLineW
ExitThread
GetSystemTimeAsFileTime
WriteConsoleW
GetModuleHandleExW
GetFileType
GetStdHandle
IsProcessorFeaturePresent
IsDebuggerPresent
LCMapStringW
EncodePointer
DecodePointer
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetProcessHeap
HeapFree
HeapAlloc
GetModuleFileNameA
CreateProcessA
SetUnhandledExceptionFilter
InitializeCriticalSection
SetCriticalSectionSpinCount
LocalAlloc
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
WaitForMultipleObjects
SetThreadPriority
CreateThread
CreateEventW
GetCurrentProcessId
VirtualFree
VirtualAlloc
lstrcmpW
DeleteCriticalSection
WaitForSingleObject
GetCurrentThread
SystemTimeToFileTime
GetDateFormatW
GetTimeFormatW
OpenProcess
Sleep
FreeLibrary
LoadLibraryW
GetTickCount
CloseHandle
ResetEvent
SetEvent
OpenEventW
WTSGetActiveConsoleSessionId
GetModuleFileNameW
GetLastError
GetVersionExW
GetWindowsDirectoryW
lstrcpyW
lstrcatW
lstrcpynW
ExpandEnvironmentStringsW
CompareStringW
lstrcmpiW
GetProcAddress
RaiseException
lstrlenW
MulDiv
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
GetStartupInfoA
GetModuleHandleA

user32

GetDesktopWindow
GetClipboardOwner
GetThreadDesktop
GetCaretBlinkTime
DestroyWindow
GetKeyState
IsIconic
GetTopWindow
GetSysColor
GetListBoxInfo
IsWindowVisible
LoadStringW

gdi32

GetTextAlign
GetDCPenColor
CloseMetaFile
CreateMetaFileA
FillPath
GetFontLanguageInfo
GetSystemPaletteUse
GetLayout

advapi32

RegOpenKeyA
RegQueryValueExA

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_controlfp

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

baf91d5218ce322195050211c670b44f

Code Sign

4a:4d:1c:c7:c4:c4:e7:62:bd:28:4a:e9:f7:7e:28:dbCertificate

Extended Key Usages

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19Certificate

Extended Key Usages

Key Usages

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49Certificate

Extended Key Usages

Key Usages

b0:1a:c4:a9:52:5e:f6:11:e7:de:05:73:7c:4d:61:21:81:0c:6b:86Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 89KB - Virtual size: 89KB

.rsrc Size: 62KB - Virtual size: 61KB

4a:4d:1c:c7:c4:c4:e7:62:bd:28:4a:e9:f7:7e:28:db
Certificate

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

b0:1a:c4:a9:52:5e:f6:11:e7:de:05:73:7c:4d:61:21:81:0c:6b:86
Signer

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 89KB - Virtual size: 89KB

.rsrc
Size: 62KB - Virtual size: 61KB