be24815f69b7710de58f70584d661c81_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

be24815f69b7710de58f70584d661c81_JaffaCakes118
Size

2.2MB
MD5

be24815f69b7710de58f70584d661c81
SHA1

16d6107ea120c7b556d4a8dc499c424a336ef9e7
SHA256

61019625ef3bae1ef27e859a29b23dcace8e287790141602cdc37a0c3ba57424
SHA512

b9641705499b0075666462e65003cc49f00d17019f72287766b8892d489cc210ae4fb00f7074df482015e7234a0cf886985f93dc6dafa9896f2f0d002d89eec7
SSDEEP

49152:4NNE62PR6AN7OhclNHWlprfWSJf7U3myS7VbaIEie52ztd:4NWoARO6ldANf5Jf7U3mF7VbaJS

Score

1^/10

Malware Config

Signatures

Files

be24815f69b7710de58f70584d661c81_JaffaCakes118
.exe windows:6 windows x86 arch:x86

c3359c7c07deb84e7171ffb91fb0eb53

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

88:8c:e7:24:8a:4e:23:72:11:73:ca:a9:2f:64:7f:b7:bc:b6:a1:87:b5:2f:ec:a8:4e:56:27:46:77:e0:61:b8
Signer

Actual PE Digest

88:8c:e7:24:8a:4e:23:72:11:73:ca:a9:2f:64:7f:b7:bc:b6:a1:87:b5:2f:ec:a8:4e:56:27:46:77:e0:61:b8

Digest Algorithm

sha256

PE Digest Matches

true

b3:94:81:e8:d9:3f:9b:95:46:a6:c1:76:5c:13:e1:93:c8:6d:11:85
Signer

Actual PE Digest

b3:94:81:e8:d9:3f:9b:95:46:a6:c1:76:5c:13:e1:93:c8:6d:11:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
OutputDebugStringW
RaiseException
Sleep
DeleteCriticalSection
CloseHandle
WriteFile
LCMapStringW
InitializeCriticalSectionEx
QueryPerformanceCounter
SetFilePointerEx
FileTimeToSystemTime
CompareStringW
GlobalUnlock
GetCurrentThread
GlobalReAlloc
GetTimeZoneInformation
ResetEvent
GetSystemTimeAsFileTime
GetFullPathNameW
GetWindowsDirectoryW
SetUnhandledExceptionFilter
GlobalAddAtomW
GlobalLock
GetModuleHandleA
SystemTimeToTzSpecificLocalTime
UnlockFile
GetFileSizeEx
FindClose
GetConsoleCP
GlobalDeleteAtom
DecodePointer
FileTimeToLocalFileTime
FreeLibrary
GetPrivateProfileIntW
HeapFree
FreeEnvironmentStringsW
ReadFile
GetStartupInfoW
IsProcessorFeaturePresent
GetEnvironmentStringsW
CreateEventW
GetProcAddress
GetTempPathW
FindFirstFileW
GetACP
TerminateProcess
Process32NextW
GetConsoleMode
ResumeThread
GetVersionExW
SetStdHandle
GetModuleHandleW
GetFileType
GlobalFindAtomW
GetProfileIntW
GetUserDefaultUILanguage
VirtualProtect
TlsAlloc
LocalAlloc
IsValidCodePage
GlobalAlloc
LoadLibraryA
GlobalHandle
SearchPathW
FlushFileBuffers
GetCommandLineW
GetCPInfo
HeapReAlloc
CreateFileW
GetFileAttributesW
RtlUnwind
CopyFileW
WideCharToMultiByte
GetEnvironmentVariableW
GetSystemDirectoryW
GetSystemInfo
OutputDebugStringA
LocalReAlloc
EncodePointer
GetOEMCP
GetLastError
VirtualAlloc
GetLocaleInfoW
LoadLibraryW
MultiByteToWideChar
MulDiv
GetVolumeInformationW
LockFile
GetStringTypeW
GlobalFlags
GlobalSize
ExitProcess
FindResourceW
GetModuleHandleExW
DeleteFileW
FormatMessageW
WaitForSingleObjectEx
GetSystemDefaultUILanguage
SetThreadPriority
FreeLibraryAndExitThread
DuplicateHandle
GetFileAttributesExW
GetModuleFileNameW
ExitThread
GetStdHandle
WaitForSingleObject
FindFirstFileExW
lstrcpyW
InitializeCriticalSectionAndSpinCount
CompareStringA
lstrcmpiW
TlsGetValue
SetLastError
UnhandledExceptionFilter
LockResource
GetFileSize
LoadResource
GetFileTime
LocalFree
GetTickCount
HeapQueryInformation
VerifyVersionInfoW
SetEnvironmentVariableW
lstrcmpW
lstrcmpA
GetPrivateProfileStringW
LoadLibraryExW
LeaveCriticalSection
SizeofResource
SetErrorMode
GlobalFree
GetCurrentProcess
CreateThread
HeapSize
VerSetConditionMask
GetCurrentProcessId
QueryPerformanceFrequency
VirtualQuery
SetEndOfFile
TlsFree
SetEvent
GetCommandLineA
GetTempFileNameW
EnterCriticalSection
HeapAlloc
FindResourceExW
GetProcessHeap
GlobalGetAtomNameW
WriteConsoleW
GetCurrentDirectoryW
FindNextFileW
WritePrivateProfileStringW
InitializeCriticalSection
InitializeSListHead
GetCurrentThreadId
SetFilePointer
IsDebuggerPresent

user32

ToUnicodeEx
GetDoubleClickTime
ReleaseDC
GetMenuItemID
InvertRect
IsIconic
SetMenuItemBitmaps
InflateRect
ShowWindow
LockWindowUpdate
CallNextHookEx
InsertMenuItemW
GetWindow
GetSubMenu
GetKeyNameTextW
GetIconInfo
EnumChildWindows
CheckMenuItem
CharUpperW
GetSystemMenu
SetDlgItemTextW
GetNextDlgTabItem
GetMenuItemInfoW
GetMessagePos
IsClipboardFormatAvailable
DrawFrameControl
DestroyAcceleratorTable
LoadCursorW
EqualRect
DispatchMessageW
DestroyCursor
EnableMenuItem
GetDlgCtrlID
IsWindowVisible
SetFocus
GetUpdateRect
RegisterWindowMessageW
CopyImage
GetMessageTime
CreateDialogIndirectParamW
LoadAcceleratorsW
CallWindowProcW
IsDialogMessageW
GetWindowRect
UnpackDDElParam
ShowOwnedPopups
GetActiveWindow
SetPropW
SetParent
CharUpperBuffW
GetComboBoxInfo
SetMenu
SetWindowTextW
PtInRect
WaitMessage
MoveWindow
SetCursor
UnhookWindowsHookEx
SetCursorPos
ScrollWindow
CreateMenu
SetForegroundWindow
SetRect
CopyAcceleratorTableW
OffsetRect
GetTopWindow
GetLastActivePopup
SubtractRect
GetCursorPos
MapDialogRect
EndPaint
LoadIconW
SetWindowPlacement
CreateAcceleratorTableW
GetMenu
RemoveMenu
DrawTextExW
GetMenuItemCount
GetScrollPos
DrawIconEx
SetClipboardData
DrawEdge
GetForegroundWindow
GetMenuState
CreatePopupMenu
CopyRect
SetScrollRange
GetAsyncKeyState
DestroyIcon
SetLayeredWindowAttributes
DeferWindowPos
DefFrameProcW
GetClientRect
TabbedTextOutW
SetWindowLongW
GetWindowLongW
RealChildWindowFromPoint
PostQuitMessage
MapVirtualKeyW
EndDeferWindowPos
SetTimer
LoadMenuW
SystemParametersInfoW
GetDlgItem
GetSysColor
IsZoomed
NotifyWinEvent
FillRect
GetClassNameW
RemovePropW
UpdateLayeredWindow
GetWindowThreadProcessId
RegisterClassW
DrawTextW
IntersectRect
FrameRect
EmptyClipboard
UnionRect
GetMessageW
DestroyMenu
TrackMouseEvent
CopyIcon
GetFocus
PostThreadMessageW
GetWindowRgn
SetRectEmpty
InvalidateRect
GetWindowTextW
SetScrollInfo
UpdateWindow
IsWindowEnabled
ClientToScreen
GetClassLongW
DrawMenuBar
ShowScrollBar
RegisterClipboardFormatW
IsWindow
ValidateRect
ModifyMenuW
DrawIcon
SetWindowRgn
GetScrollInfo
GetWindowPlacement
MonitorFromPoint
SendMessageW
GetPropW
SetClassLongW
GetScrollRange
MessageBoxW
SetMenuDefaultItem
SetWindowPos
DefMDIChildProcW
GetClassInfoExW
ScreenToClient
BeginDeferWindowPos
DrawStateW
SetCapture
UnregisterClassW
DrawFocusRect
MapVirtualKeyExW
GetDC
IsRectEmpty
WindowFromPoint
GetDesktopWindow
GetNextDlgGroupItem
ReleaseCapture
EnableWindow
KillTimer
BringWindowToTop
IsChild
SendDlgItemMessageA
CreateWindowExW
HideCaret
FindWindowExW
IsCharLowerW
IsMenu
GetSysColorBrush
EndDialog
DefWindowProcW
InsertMenuW
MapWindowPoints
GetMenuStringW
GetParent
GetCapture
CheckDlgButton
AdjustWindowRectEx
TranslateMessage
GetMonitorInfoW
DeleteMenu
BeginPaint
DestroyWindow
AppendMenuW
ReuseDDElParam
WinHelpW
GetKeyState
LoadImageW
EnumDisplayMonitors
TranslateMDISysAccel
LoadBitmapW
TrackPopupMenu
GetMenuCheckMarkDimensions
RedrawWindow
SetScrollPos
GetWindowDC
EnableScrollBar
TranslateAcceleratorW
SetMenuItemInfoW
FindWindowW
OpenClipboard
SetWindowsHookExW
GetWindowTextLengthW
GetClassInfoW
GetMenuDefaultItem
CloseClipboard
MessageBeep
SetActiveWindow
GetSystemMetrics
MonitorFromWindow
PeekMessageW
GetKeyboardLayout
GrayStringW
GetKeyboardState
PostMessageW

gdi32

CreateRectRgn
MoveToEx
CreateRectRgnIndirect
Polyline
SetPixel
SelectPalette
SetPixelV
DeleteObject
ScaleWindowExtEx
BitBlt
SelectObject
Polygon
TextOutW
RoundRect
CopyMetaFileW
CreateEllipticRgn
SetPaletteEntries
CreateCompatibleBitmap
CreateCompatibleDC
GetBoundsRect
SetWindowExtEx
ExtSelectClipRgn
SetBkMode
GetWindowExtEx
CreateRoundRectRgn
RestoreDC
CreateSolidBrush
SaveDC
SetRectRgn
GetViewportOrgEx
CreateDCW
SetDIBColorTable
SetTextColor
ExtTextOutW
CreateDIBSection
GetTextFaceW
ExcludeClipRect
CreatePalette
OffsetWindowOrgEx
GetSystemPaletteEntries
CombineRgn
SetMapMode
Rectangle
GetBkColor
PatBlt
CreateHatchBrush
GetNearestPaletteIndex
GetStockObject
StretchBlt
PtVisible
CreateFontIndirectW
GetDIBits
SelectClipRgn
OffsetViewportOrgEx
Escape
GetTextExtentPoint32W
CreatePatternBrush
RectVisible
SetViewportOrgEx
Ellipse
GetViewportExtEx
GetTextColor
SetBkColor
OffsetRgn
EnumFontFamiliesW
ExtFloodFill
IntersectClipRect
GetLayout
FrameRgn
SetLayout
CreatePolygonRgn
CreatePen
GetObjectW
GetPaletteEntries
GetTextCharsetInfo
EnumFontFamiliesExW
GetObjectType
RealizePalette
GetRgnBox
CreateBitmap
CreateDIBitmap
DeleteDC
SetWindowOrgEx
SetTextAlign
ScaleViewportExtEx
GetTextMetricsW
LineTo
SetROP2
SetViewportExtEx
GetWindowOrgEx
GetPixel
SetPolyFillMode
LPtoDP
GetDeviceCaps
DPtoLP
PtInRegion
GetClipBox
FillRgn

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegCloseKey
RegSetValueExW
LookupPrivilegeValueW
RegQueryValueW
RegEnumKeyW
RegEnumValueW
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
OpenProcessToken
AdjustTokenPrivileges
RegDeleteValueW
RegCreateKeyExW

shell32

DragQueryFileW
SHGetFileInfoW
ShellExecuteW
SHGetPathFromIDListW
SHAppBarMessage
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
DragFinish
SHGetMalloc

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathRemoveFileSpecW
StrFormatKBSizeW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW

uxtheme

GetCurrentThemeName
GetThemeColor
GetThemeSysColor
OpenThemeData
CloseThemeData
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
DrawThemeBackground
DrawThemeText
IsAppThemed
GetWindowTheme

ole32

CoInitializeEx
CoDisconnectObject
CreateStreamOnHGlobal
RevokeDragDrop
CoUninitialize
CoInitializeSecurity
RegisterDragDrop
OleCreateMenuDescriptor
OleLockRunning
CoTaskMemAlloc
ReleaseStgMedium
CoCreateInstance
DoDragDrop
CoLockObjectExternal
OleDuplicateData
IsAccelerator
CoTaskMemFree
OleDestroyMenuDescriptor
OleGetClipboard
CoInitialize
OleTranslateAccelerator
CoCreateGuid

oleaut32

LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
SysStringLen
VariantCopy
SysAllocStringLen
VarBstrFromDate
VariantChangeType
VariantClear
SysFreeString
SysAllocString

gdiplus

GdipCloneImage
GdipAlloc
GdiplusShutdown
GdipFree
GdipGetImagePaletteSize
GdiplusStartup
GdipCreateBitmapFromStream
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipGetImagePixelFormat
GdipGetImageHeight
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipDeleteGraphics
GdipBitmapLockBits
GdipGetImageWidth
GdipDisposeImage
GdipDrawImageRectI
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipDrawImageI
GdipSetInterpolationMode

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.inhu
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hemjo
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 330KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3359c7c07deb84e7171ffb91fb0eb53

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

88:8c:e7:24:8a:4e:23:72:11:73:ca:a9:2f:64:7f:b7:bc:b6:a1:87:b5:2f:ec:a8:4e:56:27:46:77:e0:61:b8Signer

b3:94:81:e8:d9:3f:9b:95:46:a6:c1:76:5c:13:e1:93:c8:6d:11:85Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.inhu Size: 1KB - Virtual size: 1KB

.hemjo Size: 4KB - Virtual size: 4KB

.rdata Size: 330KB - Virtual size: 330KB

.data Size: 21KB - Virtual size: 38KB

.rsrc Size: 184KB - Virtual size: 183KB

.reloc Size: 136KB - Virtual size: 135KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

88:8c:e7:24:8a:4e:23:72:11:73:ca:a9:2f:64:7f:b7:bc:b6:a1:87:b5:2f:ec:a8:4e:56:27:46:77:e0:61:b8
Signer

b3:94:81:e8:d9:3f:9b:95:46:a6:c1:76:5c:13:e1:93:c8:6d:11:85
Signer

.text
Size: 1.5MB - Virtual size: 1.5MB

.inhu
Size: 1KB - Virtual size: 1KB

.hemjo
Size: 4KB - Virtual size: 4KB

.rdata
Size: 330KB - Virtual size: 330KB

.data
Size: 21KB - Virtual size: 38KB

.rsrc
Size: 184KB - Virtual size: 183KB

.reloc
Size: 136KB - Virtual size: 135KB