bb5867af6b56bb8f33d7f646b51b94a1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bb5867af6b56bb8f33d7f646b51b94a1_JaffaCakes118
Size

199KB
MD5

bb5867af6b56bb8f33d7f646b51b94a1
SHA1

b2d91820f07708a5d5b7259a25359058659f9757
SHA256

1f8bfcdc5f4c24dd94c93d4bd3440960dc7f84ddf61771fc111a393ec149ace4
SHA512

2447cbb4b43243dcd061520707ff1d2edf15afdaee3aa5d7efb5700438fbd69e89ca4cc8bf8a346c5dff0d542a3e68bebd203933d5e9547337a9eaaa0fa36892
SSDEEP

3072:M8DV7rtG3re5YNzl8nx1g5JKRKr1O1RglMDmOJY+mjLy4ETDx8:ndt4WYZanvgPKc5O1qCD0j08

Score

1^/10

Malware Config

Signatures

Files

bb5867af6b56bb8f33d7f646b51b94a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb45ca2d89896521ba025fb2ef09c857

Code Sign

1a:3a:54:bb:93:7a:a0:4c:bd:64:5e:13:94:be:7b:91
Certificate

Issuer

CN=FDFWJTORFQVNXQHFAH

Not Before

14/07/2021, 10:34

Not After

31/12/2039, 23:59

Subject

CN=FDFWJTORFQVNXQHFAH

Extended Key Usages

ExtKeyUsageCodeSigning

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

1f:03:ac:f2:ed:f8:c5:10:e0:04:f0:03:0c:3c:40:09:e6:09:58:09
Signer

Actual PE Digest

1f:03:ac:f2:ed:f8:c5:10:e0:04:f0:03:0c:3c:40:09:e6:09:58:09

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
LoadLibraryA
LocalFree
LocalAlloc
Sleep
VirtualFree
VirtualAlloc
SwitchToThread
GetACP
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
IsValidLocale
GetSystemDefaultUILanguage
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetUserDefaultUILanguage
GetLocaleInfoW
GetLastError
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringW
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CloseHandle
TlsSetValue
TlsGetValue
lstrcmpW
WritePrivateProfileStringW
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualProtect
SuspendThread
SizeofResource
SetThreadPriority
SetThreadLocale
SetLastError
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
ReadFile
MulDiv
LockResource
LoadResource
LoadLibraryW
GlobalUnlock
GlobalLock
GlobalFree
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetVersionExW
GetThreadPriority
GetThreadLocale
GetPrivateProfileStringW
GetModuleFileNameA
GetLocalTime
GetFullPathNameW
GetFileAttributesExW
GetFileAttributesW
GetExitCodeThread
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCPInfoExW
GetCPInfo
FreeResource
InterlockedExchangeAdd
InterlockedExchange
InterlockedCompareExchange
FormatMessageW
FindResourceW
FindNextFileW
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumSystemLocalesW
EnumCalendarInfoW
DeviceIoControl
CreateFileW
CreateEventW
GetModuleHandleA
ReleaseMutex
OpenMutexW
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
DeleteFileW
RemoveDirectoryW
SetFileAttributesW
MoveFileExW
ProcessIdToSessionId
SystemTimeToFileTime
OpenEventW
CopyFileW
HeapCreate
LCMapStringW
LCMapStringA
GetStringTypeW
CreateMutexW
CreateRemoteThread
Process32NextW
FindAtomW
AddAtomW
OpenThread
GetAtomNameW
GetSystemTime
OutputDebugStringW
GetFileSizeEx
SetFilePointerEx
LocalFileTimeToFileTime
lstrlenA
lstrcmpA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
Process32FirstW
CreateToolhelp32Snapshot
GetWindowsDirectoryW
CreateDirectoryW
FindResourceExW
OpenProcess
GetStartupInfoW
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
SetStdHandle
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetProcessHeap
HeapSize
HeapReAlloc
GetLocaleInfoA
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapFree
HeapAlloc
HeapDestroy
TerminateProcess
TerminateThread
TlsAlloc
DeleteAtom
TlsFree
GetOEMCP
IsValidCodePage
GetFileType
SetHandleCount

user32

MessageBoxW
InvalidateRect
FrameRect
SendMessageW
AppendMenuW
CreatePopupMenu
IsWindow
IsWindowVisible
LoadCursorW
SetCursor
SetWindowLongW
GetMenuItemInfoW
UnionRect
GetMenuBarInfo
LoadMenuW
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuState
OffsetRect
EnableWindow
GetMessagePos
TranslateAcceleratorW
LockWindowUpdate
GetCursorPos
PostMessageW
KillTimer
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetWindowRect
LoadImageW
DrawIcon
IsIconic
SetTimer
LoadIconW
GetWindowLongW
ScreenToClient
RedrawWindow
GetScrollPos
InflateRect
IsRectEmpty
CopyRect
FillRect
SetRect
GetSysColor
GetSystemMetrics
GetParent
ReleaseDC
GetDC
PtInRect
GetClientRect
LoadIconA
LoadCursorFromFileA
GetKeyState
CharUpperA

advapi32

RegQueryValueExA
RegOpenKeyExA

wininet

FtpPutFileW
InternetCloseHandle
InternetConnectW
InternetOpenW

Sections

.text
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb45ca2d89896521ba025fb2ef09c857

Code Sign

1a:3a:54:bb:93:7a:a0:4c:bd:64:5e:13:94:be:7b:91Certificate

Extended Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

1f:03:ac:f2:ed:f8:c5:10:e0:04:f0:03:0c:3c:40:09:e6:09:58:09Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

Sections

.text Size: 181KB - Virtual size: 180KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 2KB - Virtual size: 1KB

1a:3a:54:bb:93:7a:a0:4c:bd:64:5e:13:94:be:7b:91
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

1f:03:ac:f2:ed:f8:c5:10:e0:04:f0:03:0c:3c:40:09:e6:09:58:09
Signer

.text
Size: 181KB - Virtual size: 180KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 2KB - Virtual size: 1KB