b25ab9608596a92c43a86c407b2435c4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b25ab9608596a92c43a86c407b2435c4_JaffaCakes118
Size

2.2MB
MD5

b25ab9608596a92c43a86c407b2435c4
SHA1

4013502cd61904e54bfdf509e22b8eb6451fcdb6
SHA256

3d86410559bad6f52fe001f9c42661f8b5e63e3a82acefd2cad5a5c842b40b3a
SHA512

b65a221950d78cd289324387d4ddf8a4cf9b516d295e5d38db11571f145efc0ffb3108310c11f3282afdd34b3eded7dce9654819bd44c29fafbdca5728f2a33d
SSDEEP

49152:b2vmKULHK8B7pCMnBPtnQxzOsGEvwd/4CcIqKZ44eBJ:b2sLHK81p/BJQxzOsGEvwd/4CcIqV

Score

1^/10

Malware Config

Signatures

Files

b25ab9608596a92c43a86c407b2435c4_JaffaCakes118
.exe windows:6 windows x86 arch:x86

df7fd58d9768d48a0a99a6699f9fd63c

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:95:38:36:a3:d1:99:8f:bf:21:3f:82:24:49:b7:26:39:ce:d8:4a:2e:ff:65:2c:c5:66:8d:67:88:8f:db:2f
Signer

Actual PE Digest

6c:95:38:36:a3:d1:99:8f:bf:21:3f:82:24:49:b7:26:39:ce:d8:4a:2e:ff:65:2c:c5:66:8d:67:88:8f:db:2f

Digest Algorithm

sha256

PE Digest Matches

true

1c:c1:8a:f9:f6:50:72:91:19:30:eb:83:c3:20:6a:36:9f:a4:fb:5e
Signer

Actual PE Digest

1c:c1:8a:f9:f6:50:72:91:19:30:eb:83:c3:20:6a:36:9f:a4:fb:5e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
SetFilePointer
FreeLibrary
GetConsoleOriginalTitleA
CompareStringW
QueryPerformanceFrequency
SetThreadPriority
SetUnhandledExceptionFilter
PulseEvent
GetFileAttributesW
SetProcessAffinityMask
ReadFile
GetStartupInfoW
LCMapStringW
UnlockFile
ResumeThread
GetFileAttributesExW
GetStdHandle
VerSetConditionMask
GetPrivateProfileIntW
GetLastError
GlobalAddAtomW
DeleteCriticalSection
VerifyVersionInfoW
LocalReAlloc
LoadResource
WriteFile
GetFileSize
TlsSetValue
ExitProcess
LockResource
SetFilePointerEx
InitializeSListHead
GetSystemTimeAsFileTime
LocalAlloc
WaitForSingleObjectEx
SetLastError
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
GetLongPathNameTransactedA
DecodePointer
DeleteFileW
CreateThreadpoolWait
WaitForThreadpoolWorkCallbacks
QueryPerformanceCounter
LoadLibraryExW
GetCurrentThreadId
lstrcmpA
SearchPathW
FileTimeToLocalFileTime
UnregisterApplicationRecoveryCallback
WaitForSingleObject
OutputDebugStringW
FindNextFileW
VirtualAlloc
SetEnvironmentVariableW
FindClose
CreateFileW
GetUserDefaultUILanguage
EnterCriticalSection
FreeEnvironmentStringsW
TlsGetValue
GetModuleFileNameW
IsValidCodePage
SetEvent
lstrcpyW
GetFileType
GlobalFree
HeapQueryInformation
GetCommConfig
GlobalAddAtomA
GetConsoleCP
SystemTimeToTzSpecificLocalTime
TlsFree
FindResourceW
RaiseException
GlobalSize
GetStringTypeW
GetTempPathW
MulDiv
InitializeCriticalSectionEx
HeapAlloc
HeapReAlloc
SetStdHandle
GetCurrentProcess
FreeLibraryAndExitThread
GetErrorMode
HeapFree
EnumResourceTypesExW
SetThreadpoolThreadMinimum
GetVolumeInformationW
GlobalAlloc
CreateThread
IsProcessorFeaturePresent
RequestDeviceWakeup
GetSystemDirectoryW
HeapSize
FormatMessageW
WideCharToMultiByte
GetCurrentProcessId
GetModuleHandleExW
FileTimeToSystemTime
WriteConsoleW
RtlUnwind
GetSystemInfo
GetSystemDefaultUILanguage
GetProcAddress
MultiByteToWideChar
LoadLibraryW
CreateEventW
GetOEMCP
GetProcessHeap
GetPrivateProfileStringW
Sleep
DisconnectNamedPipe
SetEndOfFile
GetEnvironmentVariableW
GetFileTime
SizeofResource
EncodePointer
FindFirstFileExW
GetFileSizeEx
VirtualProtect
GetFullPathNameW
GetCommandLineW
GetConsoleMode
GetACP
GlobalLock
FindFirstFileW
ClosePrivateNamespace
GetWindowsDirectoryW
IsDebuggerPresent
GetConsoleAliasExesLengthA
lstrcmpW
GetProfileIntW
LocalFree
GetCPInfo
GetEnvironmentStringsW
SetErrorMode
InitializeCriticalSection
WritePrivateProfileStringW
TlsAlloc
ResetEvent
CompareStringA
FlushFileBuffers
GlobalFindAtomW
GlobalUnlock
GlobalHandle
VirtualFree
GlobalGetAtomNameW
LeaveCriticalSection
OutputDebugStringA
GetTempFileNameW
CopyFileW
GlobalFlags
GetModuleHandleW
DuplicateHandle
LeaveCriticalSectionWhenCallbackReturns
FindResourceExW
WaitNamedPipeW
UnhandledExceptionFilter
GetVersionExW
GlobalReAlloc
GetCurrentThread
VirtualQuery
CloseHandle
GetDynamicTimeZoneInformation
LockFile
ExitThread
GetCommProperties
GetCommandLineA
LoadLibraryA
Process32NextW
GlobalDeleteAtom
TerminateProcess
lstrcmpiW
GetTickCount
GetTimeZoneInformation
SetCommState
GetCurrentDirectoryW

user32

GetWindowDC
SetScrollRange
GetKeyState
SetRectEmpty
GetIconInfo
CloseClipboard
GetWindowThreadProcessId
MonitorFromPoint
GetClientRect
GetShellWindow
FindWindowExW
GetClassLongW
MapWindowPoints
EndDialog
DispatchMessageW
NotifyWinEvent
WinHelpW
GetMenuStringW
DefRawInputProc
SetWindowTextW
TranslateMDISysAccel
GetMenuItemCount
GetMenuDefaultItem
CopyImage
WindowFromPoint
RegisterClipboardFormatW
GetSystemMenu
CreateMenu
CallNextHookEx
GetPropW
GetNextDlgGroupItem
GetClassInfoW
GetSystemMetrics
CharUpperBuffW
GetSubMenu
CheckMenuItem
DrawMenuBar
GetCapture
RegisterWindowMessageW
TranslateMessage
GetFocus
ClientToScreen
GetMessagePos
GetQueueStatus
GetScrollPos
OpenClipboard
HideCaret
BeginDeferWindowPos
BringWindowToTop
MessageBoxW
CopyAcceleratorTableW
GetMenuCheckMarkDimensions
CreateDialogIndirectParamW
DefMDIChildProcW
EnumDisplayMonitors
CopyIcon
IsWindowEnabled
UpdateLayeredWindow
SendMessageTimeoutW
ToUnicodeEx
SetMenuItemInfoW
SubtractRect
EmptyClipboard
ShowWindow
GetWindowPlacement
InvalidateRect
SetCursor
SetScrollPos
SetPropW
EndDeferWindowPos
LoadIconW
SetActiveWindow
IsRectEmpty
DestroyAcceleratorTable
GetNextDlgTabItem
GetDesktopWindow
AppendMenuW
UnpackDDElParam
MapVirtualKeyExW
GetDlgCtrlID
GetComboBoxInfo
DefFrameProcW
SetFocus
PostThreadMessageW
SetMenuItemBitmaps
DestroyCursor
EqualRect
TranslateAcceleratorW
GetActiveWindow
RemoveMenu
ClipCursor
EnableWindow
GetScrollRange
EnumChildWindows
GetProcessWindowStation
CallWindowProcW
GetWindow
GetAsyncKeyState
GetSysColor
CreateWindowExW
SetRect
PostMessageW
DrawTextExW
OpenIcon
LockWindowUpdate
GetTopWindow
IsClipboardFormatAvailable
IsZoomed
DestroyWindow
GetParent
FrameRect
ScreenToClient
SetForegroundWindow
InsertMenuW
GetMenuState
EndPaint
SetWindowRgn
InflateRect
IsMenu
IsWindow
UnionRect
RegisterClassW
GetMenuItemID
InvertRect
SetCapture
CopyRect
TrackMouseEvent
IsWindowVisible
ShowScrollBar
DeferWindowPos
SetWindowsHookExW
CharPrevW
IsIconic
SetDlgItemTextW
GetClassInfoExW
SetMenu
GetMessageW
UpdateWindow
IntersectRect
SendMessageW
SetCursorPos
DialogBoxIndirectParamW
MessageBeep
LoadImageW
LoadBitmapW
DrawIconEx
DestroyIcon
BroadcastSystemMessageW
DrawStateW
GetUpdateRect
GetDlgItem
DrawIcon
GetWindowRect
GetClassNameW
CharUpperW
CreateWindowStationA
InsertMenuItemW
UnregisterClassW
MapVirtualKeyW
ModifyMenuW
SendDlgItemMessageA
MonitorFromWindow
ScrollWindow
DeleteMenu
DefWindowProcW
BeginPaint
SetTimer
EnumPropsW
ReuseDDElParam
CheckDlgButton
FillRect
PeekMessageW
FindWindowW
ReleaseDC
DrawFocusRect
GetDoubleClickTime
OffsetRect
RealChildWindowFromPoint
PostQuitMessage
GetForegroundWindow
KillTimer
GetWindowTextW
LoadCursorW
GetMenu
EnableScrollBar
LoadMenuW
GrayStringW
GetCursorPos
EnableMenuItem
GetMonitorInfoW
GetSysColorBrush
ValidateRect
ReleaseCapture
TrackPopupMenu
SetWindowPos
CreatePopupMenu
GetWindowTextLengthW
UnhookWindowsHookEx
IsChild
SetMenuDefaultItem
SetLayeredWindowAttributes
GetScrollInfo
SetParent
CreateAcceleratorTableW
TabbedTextOutW
GetKeyboardLayout
DrawEdge
DrawTextW
SetWindowPlacement
AdjustWindowRectEx
RedrawWindow
DrawFrameControl
IsCharLowerW
IsDialogMessageW
MapDialogRect
GetMessageTime
GetWindowLongW
ShowOwnedPopups
RemovePropW
AdjustWindowRect
SetWindowLongW
LoadAcceleratorsW
GetKeyboardState
DestroyMenu
GetKeyNameTextW
GetDC
GetMenuItemInfoW
SetClassLongW
SetScrollInfo
PtInRect
DefDlgProcW
WaitMessage
GetWindowRgn
SetClipboardData
MoveWindow
GetLastActivePopup
SystemParametersInfoW

gdi32

ExcludeClipRect
CreateHatchBrush
GetWindowExtEx
GetBoundsRect
Polyline
GetViewportExtEx
CreatePalette
SetTextColor
PtInRegion
SelectObject
GetTextExtentPoint32W
CreateDIBitmap
SelectClipRgn
GetTextCharsetInfo
SetDIBColorTable
OffsetWindowOrgEx
SetPixel
SetRectRgn
SaveDC
SelectPalette
GetBkColor
SetPaletteEntries
SetBkColor
EnumFontFamiliesW
ExtSelectClipRgn
DeleteObject
GetNearestPaletteIndex
CreatePatternBrush
CreatePen
Rectangle
SetTextAlign
CreateDIBSection
PatBlt
OffsetRgn
GetPixel
GetLayout
SetMapMode
ScaleViewportExtEx
SetLayout
GetPaletteEntries
OffsetViewportOrgEx
GetObjectType
RealizePalette
BitBlt
RectVisible
PtVisible
GetViewportOrgEx
GetDeviceCaps
CreatePolygonRgn
SetViewportOrgEx
StretchBlt
SetWindowExtEx
LPtoDP
CopyMetaFileW
GetTextColor
LineTo
CreateRectRgnIndirect
Ellipse
GetDIBits
CreateBitmap
GetClipBox
GetRgnBox
EnumFontFamiliesExW
SetBkMode
GetObjectW
CombineRgn
SetWindowOrgEx
ExtTextOutW
ExtFloodFill
CreateFontIndirectW
RoundRect
FillRgn
GetSystemPaletteEntries
CreateSolidBrush
TextOutW
CreateRectRgn
CreateRoundRectRgn
GetTextFaceW
Escape
MoveToEx
CreateCompatibleDC
SetViewportExtEx
SetROP2
DeleteDC
CreateDCW
RestoreDC
GetWindowOrgEx
GetTextMetricsW
Polygon
FrameRgn
GetStockObject
CreateCompatibleBitmap
SetPixelV
IntersectClipRect
SetPolyFillMode
ScaleWindowExtEx
DPtoLP
CreateEllipticRgn

msimg32

TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

EventAccessQuery
RegQueryValueW
LookupAccountSidA
LookupPrivilegeValueW
EqualDomainSid
RegEnumValueW
AddAccessAllowedAce
RegOpenKeyExW
RegSetValueExW
ObjectDeleteAuditAlarmA
SetSecurityAccessMask
RegLoadMUIStringA
OpenProcessToken
RegDeleteKeyValueA
FileEncryptionStatusW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
ImpersonateNamedPipeClient
RegCreateKeyA
RegQueryValueExW
PerfStartProvider
GetCurrentHwProfileW
LookupPrivilegeDisplayNameW
RegEnumKeyW
AdjustTokenPrivileges
CredUnprotectW
PerfSetCounterRefValue
RegCloseKey

shell32

DragFinish
SHGetMalloc
SHGetSpecialFolderLocation
SHAppBarMessage
DragQueryFileW
SHGetPathFromIDListW
FindExecutableA
ShellExecuteW
SHCreateDirectoryExA
ord174
ord3
ord98
SHBrowseForFolderW
SHGetFileInfoW
SHGetDesktopFolder

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
StrFormatByteSizeW
PathRelativePathToA
PathCompactPathA
PathRemoveFileSpecW
StrRetToBufW
ord10
PathQuoteSpacesW
SHDeleteEmptyKeyW
PathFindFileNameW
StrFormatKBSizeW
PathStripToRootW
PathQuoteSpacesA
ord152
PathIsUNCW
PathFindExtensionW
SHCopyKeyA

uxtheme

IsAppThemed
GetThemeColor
GetWindowTheme
DrawThemeParentBackground
DrawThemeBackground
CloseThemeData
OpenThemeData
GetThemePartSize
GetThemeSysColor
GetCurrentThemeName
DrawThemeText
IsThemeBackgroundPartiallyTransparent

ole32

CoDisconnectObject
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
CoCreateGuid
RevokeDragDrop
CreateStreamOnHGlobal
ReleaseStgMedium
CoTaskMemFree
OleLockRunning
OleCreateMenuDescriptor
CoInitializeEx
CoInitialize
OleDestroyMenuDescriptor
CoCreateInstance
OleTranslateAccelerator
CoInitializeSecurity
DoDragDrop
OleDuplicateData
CoUninitialize
IsAccelerator
CoTaskMemAlloc

oleaut32

VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
LoadTypeLi
SysStringLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysAllocString
SystemTimeToVariantTime

gdiplus

GdipGetImageHeight
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdiplusShutdown
GdipBitmapUnlockBits
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdipGetImagePalette
GdipCreateFromHDC
GdipGetImagePaletteSize
GdipDeleteGraphics
GdipDrawImageRectI
GdipAlloc
GdiplusStartup
GdipCreateBitmapFromStream
GdipGetImageWidth
GdipDisposeImage
GdipSetInterpolationMode
GdipCreateBitmapFromScan0
GdipCloneImage
GdipFree
GdipDrawImageI

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.inhu
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hemjo
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df7fd58d9768d48a0a99a6699f9fd63c

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

6c:95:38:36:a3:d1:99:8f:bf:21:3f:82:24:49:b7:26:39:ce:d8:4a:2e:ff:65:2c:c5:66:8d:67:88:8f:db:2fSigner

1c:c1:8a:f9:f6:50:72:91:19:30:eb:83:c3:20:6a:36:9f:a4:fb:5eSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.inhu Size: 1KB - Virtual size: 1KB

.hemjo Size: 4KB - Virtual size: 4KB

.rdata Size: 332KB - Virtual size: 332KB

.data Size: 21KB - Virtual size: 39KB

.rsrc Size: 184KB - Virtual size: 183KB

.reloc Size: 136KB - Virtual size: 136KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

6c:95:38:36:a3:d1:99:8f:bf:21:3f:82:24:49:b7:26:39:ce:d8:4a:2e:ff:65:2c:c5:66:8d:67:88:8f:db:2f
Signer

1c:c1:8a:f9:f6:50:72:91:19:30:eb:83:c3:20:6a:36:9f:a4:fb:5e
Signer

.text
Size: 1.5MB - Virtual size: 1.5MB

.inhu
Size: 1KB - Virtual size: 1KB

.hemjo
Size: 4KB - Virtual size: 4KB

.rdata
Size: 332KB - Virtual size: 332KB

.data
Size: 21KB - Virtual size: 39KB

.rsrc
Size: 184KB - Virtual size: 183KB

.reloc
Size: 136KB - Virtual size: 136KB