ba05b8dbbfd2b9c84e57a91851dd3b49_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ba05b8dbbfd2b9c84e57a91851dd3b49_JaffaCakes118
Size

346KB
MD5

ba05b8dbbfd2b9c84e57a91851dd3b49
SHA1

545da28ced806cb950fe9eacdcf7211247fb5fcd
SHA256

c3e25dd5cbde81c12f586e5357f4f81c99eb51e307b9866c08ab8fb627973d35
SHA512

1dc305a3991b90614316714effe219d02c44b6fc0ba5928ace2203111eeb8e22b7579902379053f59048a89470c3ab1bd1a2c076d103aad0e01eab3017410d78
SSDEEP

3072:S82jpiC2JG7HZb7XWQml/jz8A4diTE90Q6kF4CKAYRkcj:Z2L7HN7Kl/jLA90QECrYRpj

Score

1^/10

Malware Config

Signatures

Files

ba05b8dbbfd2b9c84e57a91851dd3b49_JaffaCakes118
.dll windows:3 windows x86 arch:x86

de3ae5fdd8a570c86ac164493e1298ec

Code Sign

70:9d:54:7a:2f:09:d3:9c:4c:23:34:98:3f:2c:bf:50
Certificate

Issuer

CN=BMUZVYUGWSQWLAIISX

Not Before

21/01/2021, 22:35

Not After

31/12/2039, 23:59

Subject

CN=BMUZVYUGWSQWLAIISX

Extended Key Usages

ExtKeyUsageCodeSigning

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

7c:7d:39:3d:9b:73:0c:5e:41:ae:ce:62:de:19:da:82:4c:76:94:56
Signer

Actual PE Digest

7c:7d:39:3d:9b:73:0c:5e:41:ae:ce:62:de:19:da:82:4c:76:94:56

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
LoadLibraryA
GetProcAddress
GetLastError

user32

LoadCursorA
DrawMenuBar
wsprintfW
PostMessageA
EnumChildWindows
SendMessageTimeoutA
GetWindowTextA
EnumWindows
SendMessageA
wsprintfA
GetClassNameA

gdi32

AddFontResourceW
RealizePalette
CreateMetaFileW

advapi32

RegOpenKeyA
GetUserNameA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 87B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text4
Size: 321KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text8
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text7
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text6
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de3ae5fdd8a570c86ac164493e1298ec

Code Sign

70:9d:54:7a:2f:09:d3:9c:4c:23:34:98:3f:2c:bf:50Certificate

Extended Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

7c:7d:39:3d:9b:73:0c:5e:41:ae:ce:62:de:19:da:82:4c:76:94:56Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 512B - Virtual size: 87B

.data Size: 1024B - Virtual size: 1KB

.text4 Size: 321KB - Virtual size: 321KB

.text8 Size: 512B - Virtual size: 100B

.text7 Size: 512B - Virtual size: 100B

.text6 Size: 512B - Virtual size: 100B

.text5 Size: 512B - Virtual size: 100B

.reloc Size: 1024B - Virtual size: 992B

70:9d:54:7a:2f:09:d3:9c:4c:23:34:98:3f:2c:bf:50
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

7c:7d:39:3d:9b:73:0c:5e:41:ae:ce:62:de:19:da:82:4c:76:94:56
Signer

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 512B - Virtual size: 87B

.data
Size: 1024B - Virtual size: 1KB

.text4
Size: 321KB - Virtual size: 321KB

.text8
Size: 512B - Virtual size: 100B

.text7
Size: 512B - Virtual size: 100B

.text6
Size: 512B - Virtual size: 100B

.text5
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 992B