c0657e4fcc30c9810cb1d4671e7e8bcf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c0657e4fcc30c9810cb1d4671e7e8bcf_JaffaCakes118
Size

307KB
MD5

c0657e4fcc30c9810cb1d4671e7e8bcf
SHA1

e047575d31e3863f29007d45bd265787f09f34c9
SHA256

67d1296415d8b1157265e684477e409335e7b5f1a776fdb510ea77123a4f93e5
SHA512

55e12b12a2ab6db99434df7bbf892bd6a5b49688eec13bc71ba07acc6af42737989e5b4f49a09d83531c1ca66e64a7c3d651d56bb47a9bd763178219099d7c70
SSDEEP

6144:o/zCaSRScjtTHGM/gSh6uFz2LJGRg4kLNnei36cwx:ouJ9GhS3FCdUcG

Score

1^/10

Malware Config

Signatures

Files

c0657e4fcc30c9810cb1d4671e7e8bcf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

641fb519d9d7d181ad591b441761ad1c

Code Sign

52:50:e5:54:52:59:83:41:b6:f5:bc:df:8e:4f:cf:a2
Certificate

Issuer

CN=YKSCFVGXDNBVFNXKUF

Not Before

26/04/2019, 12:26

Not After

31/12/2039, 23:59

Subject

CN=YKSCFVGXDNBVFNXKUF

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31/12/2015, 00:00

Not After

09/07/2019, 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

da:37:8f:6b:d0:5b:9a:19:24:0f:0b:73:58:a0:9e:82:71:c6:18:64:4d:58:10:ae:89:55:31:a2:d0:e4:aa:dc
Signer

Actual PE Digest

da:37:8f:6b:d0:5b:9a:19:24:0f:0b:73:58:a0:9e:82:71:c6:18:64:4d:58:10:ae:89:55:31:a2:d0:e4:aa:dc

Digest Algorithm

sha256

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
GetModuleHandleW
GetModuleHandleA
GetCommandLineW
GetStartupInfoA

user32

GetProcessWindowStation
GetQueueStatus
LoadCursorFromFileW
PaintDesktop
CharUpperA
IsWindow
GetSysColorBrush
IsClipboardFormatAvailable
AnyPopup
CloseWindowStation
GetDesktopWindow
GetClipboardOwner
GetThreadDesktop
GetCaretBlinkTime
DestroyWindow
GetKeyState
IsIconic
GetTopWindow
GetSysColor
GetListBoxInfo
CharNextW
IsWindowVisible
CharUpperW
CharNextExA
CharToOemBuffA

gdi32

DeleteObject
UpdateColors
GetLayout
CreateMetaFileW
DeleteEnhMetaFile
GetTextAlign
GetDCPenColor
CloseMetaFile
CreateMetaFileA
FillPath
RealizePalette
EndDoc
SwapBuffers
GetFontLanguageInfo
GetSystemPaletteUse
GetGraphicsMode
GetStretchBltMode
WidenPath
ExtSelectClipRgn
CreatePatternBrush
GetViewportExtEx
SelectPalette
CreatePen
CreateRectRgnIndirect
PatBlt
SetRectRgn
CombineRgn
GetTextExtentPoint32A
GetBkColor
GetTextColor
GetRgnBox
GetMapMode
CreateRectRgn
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
GetObjectA
SetMapMode
SetStretchBltMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
BitBlt
CreateCompatibleBitmap
GetDeviceCaps
CreateFontIndirectA
GetStockObject
DeleteDC
StretchBlt
SelectObject
CreateCompatibleDC
CreateSolidBrush
GetWindowExtEx
Pie

advapi32

RegOpenKeyA
RegQueryValueExA

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_controlfp

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

641fb519d9d7d181ad591b441761ad1c

Code Sign

52:50:e5:54:52:59:83:41:b6:f5:bc:df:8e:4f:cf:a2Certificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

da:37:8f:6b:d0:5b:9a:19:24:0f:0b:73:58:a0:9e:82:71:c6:18:64:4d:58:10:ae:89:55:31:a2:d0:e4:aa:dcSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 172B

.data Size: 97KB - Virtual size: 97KB

.rsrc Size: 200KB - Virtual size: 200KB

52:50:e5:54:52:59:83:41:b6:f5:bc:df:8e:4f:cf:a2
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

da:37:8f:6b:d0:5b:9a:19:24:0f:0b:73:58:a0:9e:82:71:c6:18:64:4d:58:10:ae:89:55:31:a2:d0:e4:aa:dc
Signer

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 172B

.data
Size: 97KB - Virtual size: 97KB

.rsrc
Size: 200KB - Virtual size: 200KB