c77b40c61bd46d518f8e7f0542e420d9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c77b40c61bd46d518f8e7f0542e420d9_JaffaCakes118
Size

820KB
MD5

c77b40c61bd46d518f8e7f0542e420d9
SHA1

9275940eae470cd25f79aa04fcb18912989ddd76
SHA256

fec7ac144cceeecaf12ca5ed7258bb20e3fe64cbd9db191241956ad0372af2e5
SHA512

4f1a14b8bf46a6c7bc32dca838b348be33b5c6dda62af890347dc072f79c1539fb3dbe4e73209364365f4d1eb8685dc569b649a6307f7232ca6c1573eb237648
SSDEEP

3072:VAIJPZgN3dG/Np+ahhFI+6iNkoYn+jofzk:VAIJ6dG14aWoBY+s4

Score

1^/10

Malware Config

Signatures

Files

c77b40c61bd46d518f8e7f0542e420d9_JaffaCakes118
.exe windows:6 windows x86 arch:x86

73559624202ff47ac0125f9dd76e372f

Code Sign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18-03-2009 10:00

Not After

18-03-2029 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15-06-2016 00:00

Not After

15-06-2024 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:e3:5d:02:5e:65:cc:7a:4e:e0:1f:72
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

08-07-2020 18:03

Not After

09-05-2021 15:42

Subject

SERIALNUMBER=1157746698020,CN=Logika OOO,O=Logika OOO,STREET=Ul. Pochtovaya B\, 26V\, str. 1\, kab. 408-1,L=Moscow,ST=Moscow,C=RU,1.3.6.1.4.1.311.60.2.1.2=#13064d6f73636f77,1.3.6.1.4.1.311.60.2.1.3=#13025255,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ac:b0:77:86:ab:98:30:6a:8d:14:06:35:c7:2f:d7:7c:86:ec:ca:e5
Signer

Actual PE Digest

ac:b0:77:86:ab:98:30:6a:8d:14:06:35:c7:2f:d7:7c:86:ec:ca:e5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_SetOverlayImage
ImageList_Destroy
ord17
ImageList_Draw

kernel32

WriteConsoleW
SetStdHandle
GetStringTypeW
LCMapStringEx
ReadFile
SetFilePointerEx
GetConsoleMode
FlushFileBuffers
OutputDebugStringW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount64
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleFileNameA
InitOnceExecuteOnce
LoadLibraryExA
LoadLibraryExW
ExitProcess
CloseHandle
GetUserDefaultUILanguage
GetLastError
GetProcAddress
MultiByteToWideChar
GetConsoleCP
CreateFileW
GetVersionExW
LoadLibraryW
FreeLibrary
SetFilePointer
GetFileSize
RtlUnwind
GetFileType
GetCurrentThreadId
RaiseException
InterlockedIncrement
SetLastError
Sleep
GetModuleHandleW
GetStartupInfoW
HeapAlloc
EncodePointer
DecodePointer
HeapFree
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
InterlockedDecrement
GetModuleHandleExW
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapReAlloc
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentProcess
TerminateProcess

user32

DefWindowProcW
GetSysColor
BeginPaint
GetClientRect
FillRect
SendInput
LoadCursorW
RegisterClassExW
LoadIconW
GetSysColorBrush
GetDlgItemInt
PostQuitMessage
DialogBoxParamW
SetFocus
InvalidateRect
GetWindowLongW
GetDlgItem
SetWindowLongW
EndDialog
SendDlgItemMessageW
LoadStringW
LoadBitmapW
IsDlgButtonChecked
CreateWindowExW
MessageBoxW
SetDlgItemTextW
SendMessageW
EnableWindow
SetWindowTextW
EndPaint

gdi32

StretchBlt
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
DeleteDC

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 727KB - Virtual size: 727KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73559624202ff47ac0125f9dd76e372f

Code Sign

04:00:00:00:00:01:21:58:53:08:a2Certificate

Key Usages

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0fCertificate

Extended Key Usages

Key Usages

7b:e3:5d:02:5e:65:cc:7a:4e:e0:1f:72Certificate

Extended Key Usages

Key Usages

ac:b0:77:86:ab:98:30:6a:8d:14:06:35:c7:2f:d7:7c:86:ec:ca:e5Signer

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

Sections

.text Size: 58KB - Virtual size: 57KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 4KB - Virtual size: 211KB

.rsrc Size: 727KB - Virtual size: 727KB

04:00:00:00:00:01:21:58:53:08:a2
Certificate

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

7b:e3:5d:02:5e:65:cc:7a:4e:e0:1f:72
Certificate

ac:b0:77:86:ab:98:30:6a:8d:14:06:35:c7:2f:d7:7c:86:ec:ca:e5
Signer

.text
Size: 58KB - Virtual size: 57KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 4KB - Virtual size: 211KB

.rsrc
Size: 727KB - Virtual size: 727KB