bcb1a067cb96a79c845628906c68015c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bcb1a067cb96a79c845628906c68015c_JaffaCakes118
Size

2.2MB
MD5

bcb1a067cb96a79c845628906c68015c
SHA1

73a5a4608967d77658f810021ec53870a4c0233b
SHA256

1aa66082d0dac16606770584aa32c940a9967d3783f839bd374db42297b01acf
SHA512

bf3609401863df6e6c3aa516248d29d63ac7d26f42db5806a8a7ddf7f9bf7ce2fc5d5dedbdea681efdfb1f45740b8be2aff0c4453dce69f7e86261bf4e187b37
SSDEEP

49152:cupkMSlmDO7Z7Wz+2hdRQY5NYEvYGaqAKRm6WNYXr:cuulmDIZqz+KdRd5NYEvYGaqAKRb

Score

1^/10

Malware Config

Signatures

Files

bcb1a067cb96a79c845628906c68015c_JaffaCakes118
.exe windows:6 windows x86 arch:x86

42f119764e6da4f613aacf9f614b32a5

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

95:bb:04:91:62:5a:8c:bf:a1:86:9a:3c:d3:65:46:33:9e:6f:3f:d3:54:c9:dd:36:07:b6:ee:c3:59:1b:be:17
Signer

Actual PE Digest

95:bb:04:91:62:5a:8c:bf:a1:86:9a:3c:d3:65:46:33:9e:6f:3f:d3:54:c9:dd:36:07:b6:ee:c3:59:1b:be:17

Digest Algorithm

sha256

PE Digest Matches

true

c7:6f:ce:62:5d:38:86:9a:a9:75:29:c8:69:c3:cc:5c:c3:17:f9:06
Signer

Actual PE Digest

c7:6f:ce:62:5d:38:86:9a:a9:75:29:c8:69:c3:cc:5c:c3:17:f9:06

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GetProcAddress
GlobalAddAtomW
LocalAlloc
WaitForSingleObjectEx
WaitNamedPipeW
OutputDebugStringW
GetFileAttributesW
GlobalFindAtomW
LoadLibraryA
GetFileType
TlsGetValue
CreateFileW
GetProfileIntW
lstrcmpW
DisconnectNamedPipe
GetStartupInfoW
RaiseException
WideCharToMultiByte
ExitThread
HeapSize
GetCurrentProcess
MultiByteToWideChar
SetEndOfFile
GetSystemTimeAsFileTime
GetConsoleOriginalTitleA
GetEnvironmentVariableW
SetThreadPriority
FreeLibrary
GetErrorMode
MulDiv
SearchPathW
GetSystemInfo
RequestDeviceWakeup
CreateEventW
GetCommandLineW
Process32NextW
SetEnvironmentVariableW
GlobalUnlock
ClosePrivateNamespace
GetConsoleCP
GetDynamicTimeZoneInformation
LoadLibraryW
GetWindowsDirectoryW
GetEnvironmentStringsW
ResumeThread
GetSystemDirectoryW
RtlUnwind
GetModuleHandleA
EnumResourceTypesExW
GetCPInfo
FreeLibraryAndExitThread
VirtualFree
GetProcessHeap
GetUserDefaultUILanguage
GetCommProperties
ReadFile
CompareStringA
InitializeCriticalSection
GetFullPathNameW
SetErrorMode
EncodePointer
GetACP
LCMapStringW
LoadResource
ResetEvent
TerminateProcess
UnlockFile
SetEvent
IsDebuggerPresent
GetSystemDefaultUILanguage
LocalReAlloc
GetStdHandle
WaitForThreadpoolWorkCallbacks
GetLocaleInfoW
LeaveCriticalSection
GetCommandLineA
WriteConsoleW
FindFirstFileExW
GetLongPathNameTransactedA
lstrcmpA
VerSetConditionMask
WaitForSingleObject
GetModuleHandleExW
FindNextFileW
LockFile
GetTimeZoneInformation
HeapFree
SetFilePointerEx
GlobalSize
DeleteFileW
CreateThreadpoolWait
SizeofResource
FreeEnvironmentStringsW
OutputDebugStringA
SetCommState
DecodePointer
GetCurrentThread
WriteFile
GetFileSize
SetProcessAffinityMask
GetOEMCP
lstrcmpiW
GetFileAttributesExW
InitializeCriticalSectionAndSpinCount
SetStdHandle
GlobalFree
LeaveCriticalSectionWhenCallbackReturns
lstrcpyW
GetPrivateProfileIntW
FindFirstFileW
SetThreadpoolThreadMinimum
GetVolumeInformationW
UnhandledExceptionFilter
QueryPerformanceFrequency
FindClose
GlobalGetAtomNameW
EnterCriticalSection
CloseHandle
TlsFree
IsValidCodePage
GlobalReAlloc
FindResourceW
DuplicateHandle
GetConsoleMode
VerifyVersionInfoW
UnregisterApplicationRecoveryCallback
GetFileSizeEx
HeapReAlloc
VirtualAlloc
SystemTimeToTzSpecificLocalTime
GetCurrentProcessId
ExitProcess
GetTempPathW
FindResourceExW
GetFileTime
SetLastError
TlsSetValue
GetStringTypeW
GlobalHandle
GlobalFlags
PulseEvent
GetCurrentDirectoryW
GetLastError
GetTempFileNameW
LocalFree
CompareStringW
GetVersionExW
GetPrivateProfileStringW
SetFilePointer
HeapAlloc
SetUnhandledExceptionFilter
FileTimeToSystemTime
GetCommConfig
GetCurrentThreadId
GetModuleFileNameW
FormatMessageW
WritePrivateProfileStringW
Sleep
GlobalAlloc
CopyFileW
IsProcessorFeaturePresent
GlobalDeleteAtom
FileTimeToLocalFileTime
DeleteCriticalSection
GetConsoleAliasExesLengthA
QueryPerformanceCounter
GetTickCount
TlsAlloc
GlobalAddAtomA
HeapQueryInformation
GetModuleHandleW
CreateThread
VirtualProtect
VirtualQuery
InitializeCriticalSectionEx
LoadLibraryExW
LockResource
InitializeSListHead
FlushFileBuffers

user32

RegisterWindowMessageW
FindWindowExW
GetClassInfoExW
BeginPaint
UnhookWindowsHookEx
SubtractRect
SetTimer
EqualRect
GetMessageTime
ReuseDDElParam
GrayStringW
TranslateAcceleratorW
InsertMenuItemW
GetMessageW
RegisterClassW
TrackMouseEvent
SetMenuDefaultItem
KillTimer
GetMenuStringW
DeleteMenu
LoadBitmapW
DispatchMessageW
SetCursorPos
ValidateRect
CharPrevW
ShowOwnedPopups
EndPaint
GetWindowRgn
MessageBeep
CreateMenu
GetSystemMenu
ShowWindow
IsClipboardFormatAvailable
LoadImageW
GetDC
AdjustWindowRectEx
DestroyAcceleratorTable
GetQueueStatus
TranslateMDISysAccel
SetMenuItemInfoW
DrawEdge
GetWindowLongW
GetForegroundWindow
DrawFocusRect
OpenIcon
CreateWindowExW
RealChildWindowFromPoint
GetMenuDefaultItem
GetNextDlgGroupItem
GetKeyNameTextW
CallWindowProcW
EnumPropsW
SetScrollRange
DefFrameProcW
GetMenuItemCount
OffsetRect
ToUnicodeEx
EndDeferWindowPos
RemoveMenu
WinHelpW
CopyAcceleratorTableW
TranslateMessage
GetSysColorBrush
GetSysColor
GetClassInfoW
ClipCursor
GetScrollPos
SetWindowPos
DialogBoxIndirectParamW
EnableScrollBar
CharUpperBuffW
SetWindowsHookExW
SetCapture
CallNextHookEx
InvalidateRect
UpdateLayeredWindow
FrameRect
MonitorFromWindow
IsDialogMessageW
CreateAcceleratorTableW
GetDesktopWindow
DrawFrameControl
SetScrollInfo
SetPropW
GetWindowTextW
GetPropW
GetDlgItem
IsCharLowerW
DrawIconEx
IsRectEmpty
SystemParametersInfoW
GetMenu
AppendMenuW
IsMenu
UnregisterClassW
RedrawWindow
GetCursorPos
DestroyCursor
LoadCursorW
GetMonitorInfoW
IsZoomed
IsWindowEnabled
GetScrollRange
CopyRect
MessageBoxW
DefRawInputProc
CopyImage
EnumChildWindows
InsertMenuW
SendMessageW
DefDlgProcW
CheckDlgButton
UpdateWindow
BroadcastSystemMessageW
GetClassNameW
TabbedTextOutW
EmptyClipboard
RemovePropW
TrackPopupMenu
SetCursor
GetMessagePos
MapVirtualKeyExW
DestroyMenu
GetScrollInfo
GetUpdateRect
BeginDeferWindowPos
GetSystemMetrics
LoadMenuW
CopyIcon
PtInRect
DrawStateW
EnableWindow
GetKeyboardLayout
SetWindowTextW
GetKeyboardState
SetMenu
GetComboBoxInfo
DestroyIcon
GetProcessWindowStation
InvertRect
FillRect
DefWindowProcW
MapDialogRect
SetClipboardData
LockWindowUpdate
ScreenToClient
IsIconic
GetMenuItemID
GetIconInfo
GetWindowPlacement
EndDialog
DefMDIChildProcW
GetWindowRect
ClientToScreen
DeferWindowPos
SetForegroundWindow
SetWindowRgn
SetFocus
ScrollWindow
GetWindowDC
PostMessageW
DrawIcon
GetParent
GetDlgCtrlID
GetWindow
OpenClipboard
HideCaret
SetRectEmpty
IsWindow
WaitMessage
GetMenuCheckMarkDimensions
DrawMenuBar
CreateDialogIndirectParamW
CreateWindowStationA
GetMenuState
GetWindowTextLengthW
MoveWindow
SendMessageTimeoutW
SetParent
ShowScrollBar
MonitorFromPoint
WindowFromPoint
EnableMenuItem
GetTopWindow
SetWindowPlacement
SetClassLongW
UnionRect
CreatePopupMenu
GetActiveWindow
GetClassLongW
SetRect
BringWindowToTop
LoadAcceleratorsW
GetKeyState
DrawTextExW
GetAsyncKeyState
GetNextDlgTabItem
DestroyWindow
PostQuitMessage
GetMenuItemInfoW
MapVirtualKeyW
UnpackDDElParam
PostThreadMessageW
SendDlgItemMessageA
GetCapture
GetClientRect
MapWindowPoints
InflateRect
NotifyWinEvent
FindWindowW
SetDlgItemTextW
IsChild
ReleaseCapture
ReleaseDC
SetLayeredWindowAttributes
RegisterClipboardFormatW
SetWindowLongW
GetLastActivePopup
CheckMenuItem
LoadIconW
SetActiveWindow
EnumDisplayMonitors
SetMenuItemBitmaps
DrawTextW
GetFocus
GetDoubleClickTime
GetWindowThreadProcessId
GetShellWindow
ModifyMenuW
AdjustWindowRect
CharUpperW
GetSubMenu
IsWindowVisible
CloseClipboard
PeekMessageW
IntersectRect
SetScrollPos

gdi32

SelectObject
GetSystemPaletteEntries
StretchBlt
GetTextFaceW
Rectangle
GetRgnBox
GetObjectW
GetClipBox
ScaleWindowExtEx
ExtTextOutW
SetRectRgn
RectVisible
SetWindowExtEx
SetLayout
CreateDIBSection
MoveToEx
OffsetViewportOrgEx
EnumFontFamiliesW
SetBkMode
CreateFontIndirectW
SetViewportOrgEx
CreatePatternBrush
ExtSelectClipRgn
CreateEllipticRgn
SetPaletteEntries
SaveDC
CreateRoundRectRgn
SelectPalette
FrameRgn
SetPixelV
GetWindowExtEx
IntersectClipRect
CreateHatchBrush
CreatePolygonRgn
GetPaletteEntries
SetROP2
GetTextMetricsW
SetTextAlign
Polygon
GetStockObject
CreateBitmap
ExtFloodFill
FillRgn
CreateCompatibleDC
SetBkColor
SetTextColor
GetLayout
CreateCompatibleBitmap
GetNearestPaletteIndex
ExcludeClipRect
PtInRegion
CreatePalette
Escape
CreateSolidBrush
EnumFontFamiliesExW
SelectClipRgn
CreateDIBitmap
DeleteObject
CreateRectRgn
CreatePen
SetDIBColorTable
SetPolyFillMode
OffsetRgn
BitBlt
OffsetWindowOrgEx
CopyMetaFileW
LineTo
PatBlt
CreateRectRgnIndirect
CombineRgn
GetTextColor
SetViewportExtEx
PtVisible
SetMapMode
GetTextExtentPoint32W
GetBoundsRect
Ellipse
GetDIBits
TextOutW
Polyline
CreateDCW
DPtoLP
RestoreDC
GetTextCharsetInfo
DeleteDC
GetViewportOrgEx
GetBkColor
LPtoDP
SetPixel
RealizePalette
SetWindowOrgEx
GetWindowOrgEx
GetPixel
GetObjectType
GetViewportExtEx
ScaleViewportExtEx
GetDeviceCaps
RoundRect

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

PerfSetCounterRefValue
RegEnumKeyExW
SetSecurityAccessMask
PerfStartProvider
OpenProcessToken
RegDeleteKeyW
RegDeleteValueW
LookupPrivilegeDisplayNameW
EqualDomainSid
FileEncryptionStatusW
AddAccessAllowedAce
RegSetValueExW
CredUnprotectW
AdjustTokenPrivileges
RegCloseKey
LookupPrivilegeValueW
RegCreateKeyA
RegDeleteKeyValueA
RegLoadMUIStringA
RegEnumKeyW
RegQueryValueExW
GetCurrentHwProfileW
RegCreateKeyExW
RegEnumValueW
ImpersonateNamedPipeClient
RegQueryValueW
RegOpenKeyExW
ObjectDeleteAuditAlarmA
EventAccessQuery
LookupAccountSidA

shell32

DragFinish
FindExecutableA
ShellExecuteW
SHGetMalloc
SHGetDesktopFolder
SHBrowseForFolderW
DragQueryFileW
SHGetSpecialFolderLocation
SHGetFileInfoW
ord174
ord3
ord98
SHCreateDirectoryExA
SHGetPathFromIDListW
SHAppBarMessage

comctl32

InitCommonControlsEx

shlwapi

SHDeleteEmptyKeyW
PathQuoteSpacesA
PathIsUNCW
PathFindExtensionW
PathFindFileNameA
PathRelativePathToA
ord10
StrFormatByteSizeW
PathRemoveFileSpecW
SHCopyKeyA
StrFormatKBSizeW
PathFindFileNameW
PathCompactPathA
ord152
PathQuoteSpacesW
StrRetToBufW
PathStripToRootW

uxtheme

OpenThemeData
GetThemeColor
DrawThemeBackground
DrawThemeParentBackground
GetThemeSysColor
CloseThemeData
DrawThemeText
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
IsAppThemed
GetThemePartSize
GetCurrentThemeName

ole32

ReleaseStgMedium
OleGetClipboard
OleTranslateAccelerator
CoLockObjectExternal
CoUninitialize
CoCreateGuid
RevokeDragDrop
CoTaskMemAlloc
CoDisconnectObject
IsAccelerator
OleLockRunning
CoTaskMemFree
CoCreateInstance
CreateStreamOnHGlobal
RegisterDragDrop
OleCreateMenuDescriptor
CoInitialize
OleDuplicateData
DoDragDrop
CoInitializeSecurity
OleDestroyMenuDescriptor
CoInitializeEx

oleaut32

VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
LoadTypeLi
SysStringLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysAllocString
SystemTimeToVariantTime

gdiplus

GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipDeleteGraphics
GdipSetInterpolationMode
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImageWidth
GdipDisposeImage
GdipAlloc
GdipGetImageHeight
GdipCreateBitmapFromStream
GdiplusStartup
GdipGetImagePalette
GdipFree
GdipDrawImageI
GdipBitmapUnlockBits
GdipCloneImage
GdiplusShutdown
GdipCreateFromHDC
GdipDrawImageRectI
GdipGetImageGraphicsContext

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.inhu
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hemjo
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42f119764e6da4f613aacf9f614b32a5

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

95:bb:04:91:62:5a:8c:bf:a1:86:9a:3c:d3:65:46:33:9e:6f:3f:d3:54:c9:dd:36:07:b6:ee:c3:59:1b:be:17Signer

c7:6f:ce:62:5d:38:86:9a:a9:75:29:c8:69:c3:cc:5c:c3:17:f9:06Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.inhu Size: 1KB - Virtual size: 1KB

.hemjo Size: 4KB - Virtual size: 4KB

.rdata Size: 332KB - Virtual size: 332KB

.data Size: 21KB - Virtual size: 39KB

.rsrc Size: 184KB - Virtual size: 183KB

.reloc Size: 136KB - Virtual size: 136KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

95:bb:04:91:62:5a:8c:bf:a1:86:9a:3c:d3:65:46:33:9e:6f:3f:d3:54:c9:dd:36:07:b6:ee:c3:59:1b:be:17
Signer

c7:6f:ce:62:5d:38:86:9a:a9:75:29:c8:69:c3:cc:5c:c3:17:f9:06
Signer

.text
Size: 1.5MB - Virtual size: 1.5MB

.inhu
Size: 1KB - Virtual size: 1KB

.hemjo
Size: 4KB - Virtual size: 4KB

.rdata
Size: 332KB - Virtual size: 332KB

.data
Size: 21KB - Virtual size: 39KB

.rsrc
Size: 184KB - Virtual size: 183KB

.reloc
Size: 136KB - Virtual size: 136KB