bbc010c33d9851e6a1f8b963683728e4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bbc010c33d9851e6a1f8b963683728e4_JaffaCakes118
Size

208KB
MD5

bbc010c33d9851e6a1f8b963683728e4
SHA1

ad161ed40bacc2c89b4256ca733be876f0b6565d
SHA256

142351149cdb2ac1bfe31f19d156057aab4b6e4a17873f7ecaa42b8bda13d594
SHA512

9bdefba32803f25f961e42c2d8d1df8737a90252f42dd533b0a579dcd0afb6b5e8962765c3a0a71dc4a0f43901762bb394d2863c3a9e25cf8b0b2829a64d4968
SSDEEP

3072:wzFXdy2LW3+57XnDmPok08G7sOwJE+9ir2TYzvG0WfzQZxiCcWMKj1NPjec:8B/YqSJE+I7bYQZx+bG1NR

Score

1^/10

Malware Config

Signatures

Files

bbc010c33d9851e6a1f8b963683728e4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5f297549ddfb3975814be788792da6b4

Code Sign

38:16:ed:43:4b:b1:6c:76:b7:02:92:5a:7f:68:39:d2
Certificate

Issuer

CN=BNPIVNMN

Not Before

20/03/2019, 14:10

Not After

31/12/2039, 23:59

Subject

CN=BNPIVNMN

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31/12/2015, 00:00

Not After

09/07/2019, 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e4:1e:30:04:ae:1b:ad:eb:c9:d8:63:e3:19:c8:36:40:b8:f5:d1:73:e9:72:ad:85:b2:ca:b1:cc:1b:35:1b:01
Signer

Actual PE Digest

e4:1e:30:04:ae:1b:ad:eb:c9:d8:63:e3:19:c8:36:40:b8:f5:d1:73:e9:72:ad:85:b2:ca:b1:cc:1b:35:1b:01

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultUILanguage
GetVersionExA
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFlags
GlobalFree
GlobalGetAtomNameW
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
HeapValidate
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalReAlloc
LockFile
LockResource
MoveFileW
MoveFileWithProgressW
MulDiv
MultiByteToWideChar
OpenMutexW
OpenProcess
OpenThread
OutputDebugStringA
OutputDebugStringW
GetTickCount
Process32NextW
ProcessIdToSessionId
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
ResumeThread
RtlUnwind
SetComputerNameExW
SetConsoleCtrlHandler
SetConsoleTitleA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleCount
SetLastError
SetLocaleInfoW
SetProcessShutdownParameters
SetStdHandle
SetThreadPriority
SetTimeZoneInformation
SetUnhandledExceptionFilter
SetVolumeMountPointW
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
VerifyVersionInfoA
VirtualAlloc
VirtualFree
WTSGetActiveConsoleSessionId
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringW
WriteProcessMemory
_llseek
lstrcmpA
lstrcmpW
lstrcmpiW
lstrcpynA
lstrlenA
lstrlenW
VirtualAllocEx
GetThreadLocale
GetTempPathW
GetSystemTimeAsFileTime
GetSystemTime
GetSystemDirectoryW
GetSystemDefaultUILanguage
GetSystemDefaultLCID
GetStringTypeW
GetStringTypeExW
GetStringTypeA
GetStdHandle
GetStartupInfoW
GetStartupInfoA
GetShortPathNameW
GetProcessTimes
GetProcessHeap
GetProcAddress
GetPrivateProfileStringW
GetPrivateProfileIntW
GetOEMCP
GetNumberFormatW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLongPathNameW
GetLocaleInfoW
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileSizeEx
GetFileSize
GetFileAttributesW
GetFileAttributesExW
GetEnvironmentStringsW
GetDefaultCommConfigW
GetDateFormatA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCurrentDirectoryA
GetCurrencyFormatW
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetConsoleAliasesA
GetComputerNameW
GetCommandLineW
GetCPInfo
GetAtomNameW
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FormatMessageW
FoldStringA
FlushFileBuffers
FindResourceW
FindResourceExW
FindFirstVolumeA
FindFirstFileW
FindClose
FindAtomW
FileTimeToSystemTime
FileTimeToLocalFileTime
FatalAppExitA
ExpandEnvironmentStringsW
ExitThread
ExitProcess
EnumTimeFormatsA
EnumSystemLocalesA
EnumResourceLanguagesW
EnterCriticalSection
DuplicateHandle
DeviceIoControl
DeleteFileW
DeleteCriticalSection
DeleteAtom
CreateToolhelp32Snapshot
CreateTimerQueueTimer
CreateThread
CreateProcessW
CreateMutexW
CreateJobObjectA
CreateFileW
CreateFileA
CreateEventW
CopyFileW
ConvertDefaultLocale
ContinueDebugEvent
CompareStringW
CompareStringA
CloseHandle
CancelTimerQueueTimer
BindIoCompletionCallback
Process32FirstW
AddAtomW

user32

RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ReuseDDElParam
ScreenToClient
ScrollWindow
ScrollWindowEx
SendDlgItemMessageA
SendDlgItemMessageW
SendMessageW
SetActiveWindow
SetCapture
SetCursor
SetDlgItemInt
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetMenu
SetMenuItemBitmaps
SetParent
SetProcessDefaultLayout
SetPropW
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowTextW
SetWindowsHookExW
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
TabbedTextOutW
TrackPopupMenu
TrackPopupMenuEx
TranslateAcceleratorW
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnpackDDElParam
UnregisterClassA
UnregisterClassW
UnregisterDeviceNotification
UpdateWindow
ValidateRect
WinHelpW
WindowFromPoint
wsprintfW
OpenIcon
DrawMenuBar
GetThreadDesktop
PaintDesktop
GetClipboardViewer
EndMenu
RegisterClassW
RealGetWindowClass
RealChildWindowFromPoint
PtInRect
PostQuitMessage
PostMessageW
PostMessageA
PeekMessageW
OffsetRect
OemToCharBuffA
MoveWindow
ModifyMenuW
MessageBoxW
MapWindowPoints
MapVirtualKeyW
LockWindowUpdate
LoadStringW
LoadMenuW
LoadIconW
LoadCursorW
LoadBitmapW
LoadAcceleratorsW
KillTimer
IsWindowVisible
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDlgButtonChecked
IsDialogMessageW
IsChild
InvalidateRect
IntersectRect
InsertMenuW
InsertMenuItemW
InflateRect
GrayStringW
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowInfo
GetWindowDC
GetWindowContextHelpId
GetWindow
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetNextDlgTabItem
GetMessageW
GetMessageTime
GetMessagePos
GetMenuStringW
GetMenuState
GetMenuItemRect
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenuBarInfo
GetMenu
GetLastActivePopup
GetKeyboardLayoutList
GetKeyState
GetKeyNameTextW
GetGUIThreadInfo
GetForegroundWindow
GetFocus
GetDlgItemTextW
GetDlgItemInt
GetDlgItem
GetDlgCtrlID
GetDialogBaseUnits
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetClipboardFormatNameA
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetCapture
GetAltTabInfo
GetActiveWindow
FillRect
EqualRect
EnumWindowStationsA
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableMenuItem
DrawTextW
DrawTextExW
DrawAnimatedRects
DispatchMessageW
DialogBoxParamW
DestroyWindow
DestroyMenu
DestroyIcon
DeleteMenu
DeferWindowPos
DefWindowProcW
DdeQueryConvInfo
DdePostAdvise
DdeInitializeA
DdeConnect
CreateWindowExW
CreatePopupMenu
CreateDialogIndirectParamW
CopyRect
AdjustWindowRectEx
AppendMenuW
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcW
CharNextExA
CharUpperW
CheckDlgButton
CheckMenuItem
CheckRadioButton
ClientToScreen
CopyAcceleratorTableW
GetMenuCheckMarkDimensions

gdi32

GetObjectW
GetPixel
GetStockObject
GetTextExtentPoint32W
GetTextExtentPointW
GetTextMetricsW
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
ModifyWorldTransform
MoveToEx
OffsetClipRgn
OffsetViewportOrgEx
OffsetWindowOrgEx
PatBlt
PlayMetaFile
PlayMetaFileRecord
PolyBezierTo
PolyDraw
PolylineTo
PtVisible
RectVisible
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
GetCurrentPositionEx
GetObjectType
SelectClipRgn
SelectObject
SelectPalette
SetArcDirection
SetBkColor
SetBkMode
SetColorAdjustment
SetGraphicsMode
SetMapMode
SetMapperFlags
SetPolyFillMode
SetROP2
SetRectRgn
SetStretchBltMode
SetTextAlign
SetTextCharacterExtra
SetTextColor
SetTextJustification
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetWorldTransform
StartDocW
StretchDIBits
TextOutW
GetDCPenColor
GetEnhMetaFilePixelFormat
GetMapMode
GetDeviceCaps
SelectClipPath
ArcTo
GetClipRgn
GetClipBox
GetCharWidthW
GetBkColor
GdiSwapBuffers
ExtTextOutW
ExtSelectClipRgn
ExtEscape
ExtCreatePen
ExcludeClipRect
Escape
EnumMetaFile
EnumFontsA
DeleteObject
DeleteDC
DPtoLP
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreatePen
CreatePatternBrush
CreateMetaFileW
CreateHatchBrush
CreateFontW
CreateFontIndirectW
CreateDIBPatternBrushPt
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CopyMetaFileW
CopyMetaFileA
CombineRgn
BitBlt
GetDCOrgEx

comdlg32

GetFileTitleW

advapi32

RegQueryValueExA
RegOpenKeyA

shell32

ShellHookProc
ShellExecuteExW
ShellExecuteExA
SHQueryRecycleBinW
SHInvokePrinterCommandW
SHInvokePrinterCommandA
SHGetSpecialFolderPathW
SHGetPathFromIDList
SHGetMalloc
SHGetIconOverlayIndexW
SHGetFolderPathW
SHGetFileInfoW
SHGetFileInfoA
SHGetDesktopFolder
SHCreateProcessAsUserW
ExtractIconW
ExtractAssociatedIconA
DragQueryFileW
DragFinish

ole32

ReleaseStgMedium
SetConvertStg
StringFromCLSID
StringFromGUID2
WriteClassStg
WriteFmtUserTypeStg
ReadClassStg
OleRegGetUserType
OleDuplicateData
CreateBindCtx
CoUninitialize
CoTreatAsClass
CoTaskMemFree
CoTaskMemAlloc
CoInitializeSecurity
CoInitializeEx
CoInitialize
CoDisconnectObject
CoCreateInstance
CLSIDFromString
ReadFmtUserTypeStg

shlwapi

PathAddBackslashW
PathAppendW
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathRemoveExtensionW
PathRemoveFileSpecW
PathStripToRootW
SHGetValueW
StrCmpIW
StrCmpNA
StrRStrIA
StrStrIA

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f297549ddfb3975814be788792da6b4

Code Sign

38:16:ed:43:4b:b1:6c:76:b7:02:92:5a:7f:68:39:d2Certificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

e4:1e:30:04:ae:1b:ad:eb:c9:d8:63:e3:19:c8:36:40:b8:f5:d1:73:e9:72:ad:85:b2:ca:b1:cc:1b:35:1b:01Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 119KB - Virtual size: 119KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 20KB - Virtual size: 19KB

.rsrc Size: 50KB - Virtual size: 49KB

38:16:ed:43:4b:b1:6c:76:b7:02:92:5a:7f:68:39:d2
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

e4:1e:30:04:ae:1b:ad:eb:c9:d8:63:e3:19:c8:36:40:b8:f5:d1:73:e9:72:ad:85:b2:ca:b1:cc:1b:35:1b:01
Signer

.text
Size: 119KB - Virtual size: 119KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 50KB - Virtual size: 49KB