8d43ef988a68b1c73052d4535aed340a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8d43ef988a68b1c73052d4535aed340a_JaffaCakes118
Size

148KB
MD5

8d43ef988a68b1c73052d4535aed340a
SHA1

1503e59babcd39684c325ef9206accc80f6801d7
SHA256

5a3388dc4a2b5b132850ae9e1811520001b9b0aff61365ca4245d8528f538bf7
SHA512

0ca00e0e5632891f1e8f29f663de608ed5438b5cf081fa427ebc807933ddb0728a7eeef850994e3c479d7d1b06bc44d97345d4708793be132f74d93a75dd6dfb
SSDEEP

3072:CBB/AxKYR41q0Vo8ADSvAHU8sZkY1f5LAax281Yg:qAF61q0VoqHZk2txA

Score

1^/10

Malware Config

Signatures

Files

8d43ef988a68b1c73052d4535aed340a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

96b1dbd1d22ceb63e508465516e17eae

Code Sign

2b:fe:e3:bf:a3:fc:16:4e:b6:38:a7:2b:98:81:18:19
Certificate

Issuer

CN=GDYMTYDHNTZZRHVCQV

Not Before

09/05/2019, 10:39

Not After

31/12/2039, 23:59

Subject

CN=GDYMTYDHNTZZRHVCQV

Extended Key Usages

ExtKeyUsageCodeSigning

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

01/08/2030, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #1,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c3:ab:22:20:f8:4f:03:eb:ce:7d:16:d2:74:88:ef:1c:cd:4b:60:72:f2:f7:fc:b8:6b:2c:a0:45:92:99:2d:65
Signer

Actual PE Digest

c3:ab:22:20:f8:4f:03:eb:ce:7d:16:d2:74:88:ef:1c:cd:4b:60:72:f2:f7:fc:b8:6b:2c:a0:45:92:99:2d:65

Digest Algorithm

sha256

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
GetStartupInfoW
lstrcmpiA
LocalFree
LocalAlloc
Sleep
VirtualFree
VirtualAlloc
SwitchToThread
GetACP
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
IsValidLocale
GetSystemDefaultUILanguage
GetStartupInfoA
GetModuleHandleW
GetModuleFileNameW
GetUserDefaultUILanguage
GetLocaleInfoW
GetLastError
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringW
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CreateFileW
CloseHandle
TlsSetValue
TlsGetValue
WritePrivateProfileStringW
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualProtect
SuspendThread
SizeofResource
SetThreadPriority
SetThreadLocale
SetLastError
SetEvent
SetErrorMode
ResumeThread
ResetEvent
RemoveDirectoryW
MulDiv
LockResource
LoadResource
LoadLibraryW
GlobalUnlock
GlobalLock
GlobalFree
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetVersionExW
GetThreadPriority
GetThreadLocale
GetTempPathW
GetTempFileNameW
GetPrivateProfileStringW
GetModuleFileNameA
GetLocalTime
GetFullPathNameW
GetFileAttributesW
GetExitCodeThread
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCPInfoExW
GetCPInfo
FreeResource
InterlockedExchangeAdd
InterlockedExchange
InterlockedCompareExchange
FormatMessageW
FindResourceW
FindNextFileW
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumSystemLocalesW
EnumCalendarInfoW
DeleteFileW
CreateEventW
SetConsoleScreenBufferSize
CreateConsoleScreenBuffer
SetConsoleTitleW
CreateFileA
CreateEventA
SetEnvironmentVariableA
GetEnvironmentVariableA
SetConsoleCtrlHandler
ReadConsoleOutputCharacterW
GetConsoleMode
GetConsoleFontSize
SetConsoleMode
GetConsoleScreenBufferInfo
LCMapStringW
GetConsoleDisplayMode
SetConsoleCursorInfo
GetUserDefaultLangID
GetConsoleCP
GetConsoleOutputCP
CreateProcessW
SetPriorityClass
GetSystemDirectoryW
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
SetConsoleTextAttribute
WriteConsoleA
SetConsoleCP
LocalReAlloc
GetCurrentDirectoryA
SetCurrentDirectoryA
SetCurrentDirectoryW
GetLogicalDrives
TerminateThread
InterlockedDecrement
InterlockedIncrement
GenerateConsoleCtrlEvent
GetExitCodeProcess
GetEnvironmentStrings
GetNumberOfConsoleMouseButtons
SetConsoleWindowInfo
GetCurrentConsoleFont
GetConsoleCursorInfo
SetConsoleCursorPosition
ScrollConsoleScreenBufferA
SetConsoleActiveScreenBuffer
PeekConsoleInputW
GetNumberOfConsoleInputEvents
WriteConsoleOutputCharacterW
GetConsoleTitleW
SetConsoleTitleA
WriteConsoleOutputAttribute
WriteConsoleOutputCharacterA
ReadConsoleOutputAttribute
ReadConsoleOutputCharacterA
SetConsoleOutputCP
HeapFree
WriteConsoleInputA
DuplicateHandle
ReadConsoleInputW
Beep
HeapAlloc
HeapCreate
GetCurrentDirectoryW
OpenProcess
GetVersionExA
GetFileAttributesA
WritePrivateProfileSectionA
DeleteFileA
SetFileAttributesA
FormatMessageA
CopyFileA
GetPrivateProfileSectionA
CreateDirectoryA
GetShortPathNameA
CreateProcessA
_llseek
_lwrite
_lread
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileInformationByHandle
_lclose
MoveFileA
GetTempPathA
GetTempFileNameA
FindResourceExA
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
LoadLibraryExA
GetSystemTime
GetSystemTimeAsFileTime
TerminateProcess
SetUnhandledExceptionFilter
GetPrivateProfileIntA
lstrcpynA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
TlsFree
TlsAlloc
HeapDestroy
LCMapStringA
GetOEMCP
HeapReAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
FlushFileBuffers
GetFullPathNameA
lstrcatA
lstrlenA
lstrcpyA
IsDBCSLeadByte
FindFirstFileA
GetPrivateProfileStringA
lstrcmpA
WritePrivateProfileStringA
GetCommandLineA

user32

GetDesktopWindow
GetClipboardOwner
GetThreadDesktop
GetCaretBlinkTime
DestroyWindow
GetKeyState
IsIconic
GetTopWindow
GetSysColor
GetListBoxInfo
IsWindowVisible
GetSystemMetrics
GetParent
GetWindowRect
PostMessageW
FindWindowW
DialogBoxParamW
GetDlgItem
SetWindowTextW
LoadStringW
EndDialog
RegisterClassW
GetClassInfoW
SetWindowPos
GetClassNameW
IsWindow
SendMessageW
GetWindow
SetFocus
GetFocus
IsChild
EndPaint
BeginPaint
GetWindowTextW
GetWindowTextLengthW
RegisterWindowMessageW
LoadIconW
SetForegroundWindow
CreateWindowExW
SetTimer
GetPropW
KillTimer
RemovePropW
LoadBitmapW
GetKeyboardLayout
UnregisterClassW
EnumThreadWindows
AllowSetForegroundWindow
DestroyAcceleratorTable
RedrawWindow
GetClassInfoExW
SystemParametersInfoW
CreateAcceleratorTableW
ClientToScreen
ScreenToClient
MoveWindow
SetCapture
ReleaseCapture
GetClientRect
InvalidateRect
InvalidateRgn
CallWindowProcW
CharNextW
FillRect
GetDC
ReleaseDC
GetKeyboardLayoutList
UnregisterClassA
PostThreadMessageW
GetMessageW
TranslateMessage
DispatchMessageW
RegisterClassExW
LoadCursorW
DefWindowProcW
SetWindowLongW
GetWindowLongW
SetPropW

gdi32

GetTextAlign
GetDCPenColor
CloseMetaFile
CreateMetaFileA
FillPath
GetFontLanguageInfo
GetSystemPaletteUse
GetLayout

advapi32

RegOpenKeyA
RegQueryValueExA

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_controlfp

imm32

ImmGetContext
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmReleaseContext

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96b1dbd1d22ceb63e508465516e17eae

Code Sign

2b:fe:e3:bf:a3:fc:16:4e:b6:38:a7:2b:98:81:18:19Certificate

Extended Key Usages

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

c3:ab:22:20:f8:4f:03:eb:ce:7d:16:d2:74:88:ef:1c:cd:4b:60:72:f2:f7:fc:b8:6b:2c:a0:45:92:99:2d:65Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

imm32

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 75KB - Virtual size: 75KB

.rsrc Size: 39KB - Virtual size: 39KB

2b:fe:e3:bf:a3:fc:16:4e:b6:38:a7:2b:98:81:18:19
Certificate

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

c3:ab:22:20:f8:4f:03:eb:ce:7d:16:d2:74:88:ef:1c:cd:4b:60:72:f2:f7:fc:b8:6b:2c:a0:45:92:99:2d:65
Signer

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 75KB - Virtual size: 75KB

.rsrc
Size: 39KB - Virtual size: 39KB