d8ff579aa7fa4f9e658dc98b597c8a42_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d8ff579aa7fa4f9e658dc98b597c8a42_JaffaCakes118
Size

250KB
MD5

d8ff579aa7fa4f9e658dc98b597c8a42
SHA1

51877ef77b94248737ba58ae7f67c9e8e493c4eb
SHA256

9d6dd00b22e2059d7848f8d32e79f4c68ef38c4e63793893a76027e617a7e377
SHA512

0a48f026c3ec6563590115eb1525cd359506ea9406f3feca2ef7b95fb6d951ab984e9bb6fb0da8d915aea4f6b42f5105ce1dbfd790e478c19c71023060186899
SSDEEP

3072:IFNthWQl/rSJ7lvt9filcZritkrINAEYsm2:IBhWQ/mJLflrOAp2

Score

1^/10

Malware Config

Signatures

Files

d8ff579aa7fa4f9e658dc98b597c8a42_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d97b710a90a979a9ba1fac5e1ea6c332

Code Sign

0a:f9:b5:23:18:0f:34:a2:4f:cf:d1:1b:74:e7:d6:cd
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

22/06/2020, 00:00

Not After

22/06/2021, 23:59

Subject

CN=ORBIS LTD,O=ORBIS LTD,POSTALCODE=61195,STREET=Gvardiytsiv-Shironintsiv Street\, house 127\, apartment 58,L=Kharkiv,ST=Harkіvska obl.,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

01/08/2030, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #1,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

bb:c8:64:36:56:35:b4:f2:cc:7b:67:75:8f:28:30:7f:7f:d0:73:95
Signer

Actual PE Digest

bb:c8:64:36:56:35:b4:f2:cc:7b:67:75:8f:28:30:7f:7f:d0:73:95

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
OpenMutexW
GetFileAttributesW
CreateDirectoryW
CreateFileW
WaitNamedPipeW
WriteFile
GlobalAddAtomW
GlobalGetAtomNameW
GlobalDeleteAtom
GetUserDefaultUILanguage
FindFirstFileW
FindClose
FindNextFileW
CreateFileMappingW
GetFileSizeEx
MapViewOfFile
UnmapViewOfFile
WideCharToMultiByte
GetNativeSystemInfo
FindCloseChangeNotification
FindNextChangeNotification
OutputDebugStringW
SetLastError
ReleaseMutex
CreateMutexW
ProcessIdToSessionId
SetEnvironmentVariableA
ReadConsoleW
ReadFile
SetEndOfFile
SetStdHandle
SetFilePointerEx
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetConsoleMode
GetConsoleCP
LocalFree
GetTimeZoneInformation
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
UnhandledExceptionFilter
RtlCaptureContext
HeapReAlloc
HeapSize
ExitProcess
GetCommandLineW
ExitThread
GetSystemTimeAsFileTime
WriteConsoleW
GetModuleHandleExW
GetFileType
GetStdHandle
IsProcessorFeaturePresent
IsDebuggerPresent
LCMapStringW
EncodePointer
DecodePointer
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetProcessHeap
HeapFree
HeapAlloc
GetModuleFileNameA
CreateProcessA
SetUnhandledExceptionFilter
InitializeCriticalSection
SetCriticalSectionSpinCount
LocalAlloc
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
WaitForMultipleObjects
SetThreadPriority
CreateThread
CreateEventW
GetCurrentProcessId
VirtualFree
VirtualAlloc
lstrcmpW
DeleteCriticalSection
WaitForSingleObject
GetCurrentThread
SystemTimeToFileTime
GetDateFormatW
GetTimeFormatW
OpenProcess
Sleep
FreeLibrary
LoadLibraryW
GetTickCount
CloseHandle
ResetEvent
SetEvent
OpenEventW
WTSGetActiveConsoleSessionId
GetModuleFileNameW
GetLastError
GetVersionExW
GetWindowsDirectoryW
lstrcpyW
lstrcatW
lstrcpynW
ExpandEnvironmentStringsW
CompareStringW
lstrcmpiW
GetProcAddress
GetModuleHandleW
RaiseException
lstrlenW
MulDiv
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
lstrcmpiA
ContinueDebugEvent
GetConsoleAliasW
ReplaceFile
WriteConsoleInputW
FreeEnvironmentStringsA
RequestWakeupLatency
SetThreadLocale
SetTapeParameters
GetExitCodeProcess
GetSystemTimeAdjustment
EnumCalendarInfoExA
GetProfileSectionW
SetConsoleTitleA
GetLogicalDriveStringsW
GetCPInfoExW
OpenFileMappingW
SignalObjectAndWait
EnumResourceLanguagesA
GetSystemPowerStatus
SetTimeZoneInformation
GetWindowsDirectoryA
GetLocalTime
SetPriorityClass
BackupSeek
FindResourceExW
ReadFileEx
ReplaceFileA
ResetWriteWatch
VirtualQuery
GetVolumePathNameA
SetConsoleCursorPosition
SetMessageWaitingIndicator
SetVolumeMountPointA
GetConsoleTitleW
GetStringTypeExW
GetCommMask
EnumDateFormatsExA
VirtualLock
SetConsoleCP
GetDiskFreeSpaceW
LoadLibraryA

user32

TrackPopupMenu
GetForegroundWindow
DefWindowProcW
CallWindowProcW
SetWindowPos
GetDlgItem
GetClientRect
GetWindow
GetWindowLongW
DialogBoxParamW
GetMenuItemInfoW
LoadIconW
PostQuitMessage
EnableMenuItem
MoveWindow
RegisterWindowMessageW
GetSysColorBrush
DrawFrameControl
DrawStateW
LoadStringW
DrawEdge
DestroyMenu
GetMenuDefaultItem
SetMenuDefaultItem
LoadMenuW
GetSubMenu
MonitorFromPoint
SetMenuItemInfoW
UnregisterClassW
RegisterClassExW
OpenInputDesktop
EnumDesktopWindows
CloseDesktop
IsIconic
GetPropW
GetLastInputInfo
GetMenuItemCount
CreateDialogParamW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
GetWindowThreadProcessId
EnumWindows
PostThreadMessageW
EqualRect
GetMonitorInfoW
MonitorFromRect
MonitorFromWindow
GetWindowTextW
DrawTextW
GetDC
ShowWindow
EnumDisplayMonitors
SetActiveWindow
SetForegroundWindow
AdjustWindowRectEx
GetMenu
DrawFocusRect
GetFocus
IsWindowEnabled
CharNextW
GetDlgCtrlID
GetWindowTextLengthW
CreateWindowExW
LoadCursorW
SetWindowLongW
GetClassNameW
GetCursorPos
ReleaseCapture
GetCapture
SetCapture
SetCursor
PtInRect
EndPaint
BeginPaint
DestroyWindow
IsWindow
GetSystemMetrics
GetDesktopWindow
GetWindowDC
TranslateAcceleratorW
LoadAcceleratorsW
DestroyAcceleratorTable
SetTimer
KillTimer
EndDialog
DestroyIcon
SetWindowTextW
SetRectEmpty
GetSysColor
LoadBitmapW
DrawIconEx
SetFocus
UpdateWindow
ReleaseDC
SystemParametersInfoW
FindWindowW
GetWindowRect
AdjustWindowRect
SetRect
IsDialogMessageW
PostMessageW
EnableWindow
IsWindowVisible
wsprintfW
ScreenToClient
ClientToScreen
GetParent
OffsetRect
CopyRect
SendMessageW
GetIconInfo
FillRect
LoadImageW
InvalidateRect
GetDoubleClickTime
AnyPopup
GetCaretBlinkTime
CreatePopupMenu
GetKeyState
CloseClipboard
GetInputState
CreateMenu
GetDialogBaseUnits
EndMenu
GetAsyncKeyState
GetCursor
CountClipboardFormats
GetKBCodePage
CharLowerW
GetClipboardSequenceNumber
GetClipboardData
GetActiveWindow
GetListBoxInfo
GetClipboardOwner
CopyIcon
DestroyCursor
GetOpenClipboardWindow
InSendMessage
EnumClipboardFormats
GetMenuContextHelpId
GetProcessWindowStation
GetKeyboardType
GetKeyboardLayout
GetMessageTime
GetLastActivePopup
CharLowerA
GetMessagePos
CharUpperA
CharUpperW

gdi32

DeleteDC
RestoreDC
CreateRectRgn
CombineRgn
CreatePen
SaveDC
GetCurrentObject
ExcludeClipRect
Rectangle
GetRegionData
GetDeviceCaps
GetCurrentPositionEx
GetTextColor
CreateFontIndirectW
SetViewportOrgEx
CreateFontW
ExtTextOutW
SetBkColor
SetTextColor
SetBkMode
GetBkMode
CreateSolidBrush
DeleteObject
GetStockObject
GetObjectW
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
StretchBlt
GetTextExtentPoint32W
SelectClipRgn
STROBJ_dwGetCodePage
Polygon
ExtFloodFill
Pie
GetFontAssocStatus
GdiIsPlayMetafileDC
GdiValidateHandle
EngStrokePath
FloodFill
GdiEntry9
GetKerningPairsA
CreateDCA
GetTextFaceW
GdiConvertPalette
GdiEntry12
EndPage
CreateMetaFileW
CreatePolygonRgn
GetLogColorSpaceW
STROBJ_vEnumStart
CreateBitmap
GetBoundsRect
FrameRgn
GetMapMode
EngCreateSemaphore
GdiProcessSetup
GetRgnBox
SetICMProfileW
SetPixelFormat
GetTextFaceA
GdiIsMetaPrintDC
ColorMatchToTarget
SwapBuffers
GetMetaFileA
EngAcquireSemaphore
GdiGradientFill
SetDCPenColor
GdiDescribePixelFormat
GetAspectRatioFilterEx
GetHFONT
WidenPath
UpdateColors
StrokePath
SetMetaRgn
GetEnhMetaFileA

advapi32

RegQueryInfoKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegEnumValueW
RegDeleteValueW
RegSetValueExW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegNotifyChangeKeyValue
RegOpenKeyA

shell32

SHGetFileInfoW
ShellExecuteW
SHAppBarMessage
Shell_NotifyIconW
SHGetFolderPathW
CommandLineToArgvW
ExtractIconExW
SHGetFolderPathA
SHGetSettings
DragQueryFileA
SHFormatDrive
SHGetInstanceExplorer
SHAddToRecentDocs
SHBrowseForFolder
SHGetPathFromIDList
SHGetPathFromIDListA
SHGetFileInfo
SHPathPrepareForWriteA
ShellAboutW
WOWShellExecute
ExtractIconA
SHLoadInProc

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoInitializeEx
CoCreateFreeThreadedMarshaler
CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree

shlwapi

PathAppendW
PathRemoveFileSpecW
PathAddBackslashW
PathFileExistsW
PathSearchAndQualifyW
PathFindOnPathW
PathIsRelativeW
PathFindExtensionW
PathRemoveArgsW
PathGetArgsW
StrRStrIA
StrRChrIA
StrRChrIW
StrStrIA

comctl32

ImageList_Destroy
ImageList_Create
ImageList_GetIcon
ImageList_Merge
ImageList_ReplaceIcon
ImageList_Draw
ImageList_GetImageCount
ImageList_Remove
InitCommonControlsEx
ImageList_GetIconSize
_TrackMouseEvent

Sections

.text
Size: 221KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 497B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d97b710a90a979a9ba1fac5e1ea6c332

Code Sign

0a:f9:b5:23:18:0f:34:a2:4f:cf:d1:1b:74:e7:d6:cdCertificate

Extended Key Usages

Key Usages

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95Certificate

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08Certificate

Extended Key Usages

Key Usages

bb:c8:64:36:56:35:b4:f2:cc:7b:67:75:8f:28:30:7f:7f:d0:73:95Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

comctl32

Sections

.text Size: 221KB - Virtual size: 221KB

.rdata Size: 512B - Virtual size: 497B

.data Size: 16KB - Virtual size: 15KB

.rsrc Size: 2KB - Virtual size: 1KB

0a:f9:b5:23:18:0f:34:a2:4f:cf:d1:1b:74:e7:d6:cd
Certificate

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

bb:c8:64:36:56:35:b4:f2:cc:7b:67:75:8f:28:30:7f:7f:d0:73:95
Signer

.text
Size: 221KB - Virtual size: 221KB

.rdata
Size: 512B - Virtual size: 497B

.data
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 2KB - Virtual size: 1KB