8ba3aea5bc98c1bf6a80d45f6b757e83_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8ba3aea5bc98c1bf6a80d45f6b757e83_JaffaCakes118
Size

528KB
MD5

8ba3aea5bc98c1bf6a80d45f6b757e83
SHA1

37122988620c54ca15d74f1b4d4d4baa2f6f46ba
SHA256

e00057c78fc0cc20cef7a88b857d24656fa695917200b8d1d5691abd5a646a17
SHA512

b45153557fc2cddd5fe989804ab30b127db183340042f1dace785397f52c1b1564af476f0a4f93441fe56a6627bcaecaec425dcf5fa0faae6fd6bea35a009f25
SSDEEP

12288:i6GOYfLVfCsgKTZ13TTVTs4b2zPDZapv/iDn0ZLheQ4WTy:i6GO0fPfb1TBb2zLZoiD0ZLheQ4WTy

Score

1^/10

Malware Config

Signatures

Files

8ba3aea5bc98c1bf6a80d45f6b757e83_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c26d73456c3c024524a672410a23bacf

Code Sign

13:6d:b6:71:7a:a1:46:2b:81:76:97:1f:e5:8f:eb:d6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

26-01-2012 00:00

Not After

25-01-2013 23:59

Subject

CN=sterkly LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=sterkly LLC,L=Carlsbad,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

15:f4:65:ec:fa:ef:92:07:55:f7:cd:86:1d:22:50:8e:16:29:fa:4d
Signer

Actual PE Digest

15:f4:65:ec:fa:ef:92:07:55:f7:cd:86:1d:22:50:8e:16:29:fa:4d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetQueryDataAvailable
InternetOpenW
InternetOpenUrlW
InternetReadFile
InternetAttemptConnect
InternetCloseHandle

rpcrt4

UuidCreate
UuidToStringW

version

GetFileVersionInfoW
VerQueryValueW

kernel32

LocalReAlloc
TlsFree
lstrlenA
GetThreadLocale
FileTimeToSystemTime
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
SetErrorMode
GetFileAttributesExW
FileTimeToLocalFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
GetCommandLineW
InitializeCriticalSection
GetStartupInfoW
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetCPInfo
RtlUnwind
HeapReAlloc
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
HeapQueryInformation
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
IsProcessorFeaturePresent
LCMapStringW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
TlsSetValue
CreateEventW
SuspendThread
SetEvent
SetThreadPriority
RaiseException
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
InterlockedIncrement
GetCurrentProcessId
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
SetFilePointer
GetFileSize
ReadFile
CreateFileW
GetModuleFileNameW
GetSystemTime
GetTickCount
GlobalMemoryStatusEx
GetUserGeoID
HeapFree
GetProcessHeap
HeapAlloc
GetUserDefaultLangID
GetSystemDefaultLangID
DeleteFileW
GetTempFileNameW
GetTempPathW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
WideCharToMultiByte
lstrlenW
LocalFree
FormatMessageW
Sleep
GetModuleHandleW
ResumeThread
Process32NextW
TerminateProcess
OpenProcess
CloseHandle
Process32FirstW
CreateToolhelp32Snapshot
GetCurrentProcess
FreeLibrary
lstrcpyW
GetProcAddress
GetVersionExW
LoadLibraryW
GetSystemDirectoryW
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
TlsAlloc
InterlockedCompareExchange
HeapSetInformation

user32

SetRect
SetTimer
KillTimer
SetCapture
CharNextW
CopyAcceleratorTableW
IsRectEmpty
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
CharUpperW
RegisterClipboardFormatW
MoveWindow
SetWindowTextW
IsDialogMessageW
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
InvalidateRect
GetWindowThreadProcessId
IsWindowEnabled
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
RegisterWindowMessageW
SendDlgItemMessageW
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetKeyState
SetMenu
SetForegroundWindow
RedrawWindow
IsWindowVisible
ValidateRect
UpdateWindow
MessageBoxW
GetClassInfoExW
RegisterClassW
ScreenToClient
EqualRect
GetDlgCtrlID
CallWindowProcW
SetWindowPos
PtInRect
UnhookWindowsHookEx
GetActiveWindow
GetMenuItemID
AdjustWindowRectEx
IsWindow
GetWindowLongW
SetWindowLongW
GetMenu
CreateWindowExW
UnregisterClassW
RealChildWindowFromPoint
DestroyMenu
GetSubMenu
GetMenuItemCount
IntersectRect
SendDlgItemMessageA
OffsetRect
GetDesktopWindow
PostThreadMessageW
GetWindowRect
GetAsyncKeyState
ReleaseCapture
GetCursor
ClientToScreen
LoadImageW
PostMessageW
MessageBoxExW
LoadIconW
EnableWindow
LoadCursorW
MapWindowPoints
GetParent
GetSysColorBrush
GetSysColor
SystemParametersInfoW
EnumDisplayMonitors
SetRectEmpty
CopyRect
GetMonitorInfoW
GetSystemMetrics
GetClientRect
SendMessageW
GetClassNameW
GetWindow
DefWindowProcW
GetClassInfoW
SetActiveWindow
ShowWindow

gdi32

SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetWindowExtEx
ExtSelectClipRgn
DeleteDC
CreateBitmap
OffsetViewportOrgEx
SelectObject
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
SetViewportOrgEx
GetViewportExtEx
Escape
ExtTextOutW
TextOutW
CreatePatternBrush
CreatePen
CreateSolidBrush
GetObjectW
GetStockObject
CreateFontIndirectW
EnumFontFamiliesW
GetTextCharsetInfo
RectVisible
PtVisible
DeleteObject
GetDeviceCaps
GetClipBox
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
CreateRectRgnIndirect
CreateDIBitmap
GetTextMetricsW

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegCloseKey
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
OpenProcessToken
RegSetValueW
RegCreateKeyW
RegOpenKeyW
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW

shell32

Shell_NotifyIconW
ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
SHRegGetValueW

ole32

CLSIDFromString
CLSIDFromProgID
CoCreateGuid
CoTaskMemAlloc
CoGetClassObject
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitialize
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SafeArrayCreate
SafeArrayGetElemsize
SafeArrayUnaccessData
LoadRegTypeLi
DispCallFunc
VariantCopy
VariantChangeType
SysAllocStringLen
VariantClear
VariantInit
SysFreeString
SysStringLen
OleCreateFontIndirect
SafeArrayAccessData
SysAllocString

oledlg

OleUIBusyW

urlmon

URLDownloadToFileW

iphlpapi

GetAdaptersInfo

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 335KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c26d73456c3c024524a672410a23bacf

Code Sign

13:6d:b6:71:7a:a1:46:2b:81:76:97:1f:e5:8f:eb:d6Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

15:f4:65:ec:fa:ef:92:07:55:f7:cd:86:1d:22:50:8e:16:29:fa:4dSigner

Headers

DLL Characteristics

File Characteristics

Imports

wininet

rpcrt4

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

urlmon

iphlpapi

oleacc

Sections

.text Size: 335KB - Virtual size: 335KB

.rdata Size: 92KB - Virtual size: 92KB

.data Size: 13KB - Virtual size: 31KB

.rsrc Size: 33KB - Virtual size: 33KB

.reloc Size: 49KB - Virtual size: 48KB

13:6d:b6:71:7a:a1:46:2b:81:76:97:1f:e5:8f:eb:d6
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

15:f4:65:ec:fa:ef:92:07:55:f7:cd:86:1d:22:50:8e:16:29:fa:4d
Signer

.text
Size: 335KB - Virtual size: 335KB

.rdata
Size: 92KB - Virtual size: 92KB

.data
Size: 13KB - Virtual size: 31KB

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 49KB - Virtual size: 48KB