da49abdbad1bdaf594a029b600a2d9d5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

da49abdbad1bdaf594a029b600a2d9d5_JaffaCakes118
Size

340KB
MD5

da49abdbad1bdaf594a029b600a2d9d5
SHA1

0628bc15100fd6c24d5731a1bb0a8533d16af7c3
SHA256

18905d235738c85e882acbd78832016ed84a4ad6166fc69f4f21541e9ea1e371
SHA512

f698909cc41ed9a21c1c7c1a999569f112efcc82c615d790278a6bdca73a6d9abe088c8f600389fb96e3f357defeee89556e841d9bacd71f9988193c8a385127
SSDEEP

3072:DvA1p08RqEQAIVEd2gG/vNlo0JFx/pANyCm0PQEKR/JnXHWP:D206xWgGxLxWN40PDKR/JnX2P

Score

1^/10

Malware Config

Signatures

Files

da49abdbad1bdaf594a029b600a2d9d5_JaffaCakes118
.dll windows:3 windows x86 arch:x86

de3ae5fdd8a570c86ac164493e1298ec

Code Sign

70:9d:54:7a:2f:09:d3:9c:4c:23:34:98:3f:2c:bf:50
Certificate

Issuer

CN=BMUZVYUGWSQWLAIISX

Not Before

21/01/2021, 22:35

Not After

31/12/2039, 23:59

Subject

CN=BMUZVYUGWSQWLAIISX

Extended Key Usages

ExtKeyUsageCodeSigning

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

97:0b:72:6c:61:9e:bf:33:35:ac:db:b0:18:94:41:07:ce:c6:03:00
Signer

Actual PE Digest

97:0b:72:6c:61:9e:bf:33:35:ac:db:b0:18:94:41:07:ce:c6:03:00

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
LoadLibraryA
GetProcAddress
GetLastError

user32

LoadCursorA
DrawMenuBar
wsprintfW
PostMessageA
EnumChildWindows
SendMessageTimeoutA
GetWindowTextA
EnumWindows
SendMessageA
wsprintfA
GetClassNameA

gdi32

AddFontResourceW
RealizePalette
CreateMetaFileW

advapi32

RegOpenKeyA
GetUserNameA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 87B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text4
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text8
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text7
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text6
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de3ae5fdd8a570c86ac164493e1298ec

Code Sign

70:9d:54:7a:2f:09:d3:9c:4c:23:34:98:3f:2c:bf:50Certificate

Extended Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

97:0b:72:6c:61:9e:bf:33:35:ac:db:b0:18:94:41:07:ce:c6:03:00Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 512B - Virtual size: 87B

.data Size: 1024B - Virtual size: 1KB

.text4 Size: 315KB - Virtual size: 315KB

.text8 Size: 512B - Virtual size: 100B

.text7 Size: 512B - Virtual size: 100B

.text6 Size: 512B - Virtual size: 100B

.text5 Size: 512B - Virtual size: 100B

.reloc Size: 1024B - Virtual size: 992B

70:9d:54:7a:2f:09:d3:9c:4c:23:34:98:3f:2c:bf:50
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

97:0b:72:6c:61:9e:bf:33:35:ac:db:b0:18:94:41:07:ce:c6:03:00
Signer

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 512B - Virtual size: 87B

.data
Size: 1024B - Virtual size: 1KB

.text4
Size: 315KB - Virtual size: 315KB

.text8
Size: 512B - Virtual size: 100B

.text7
Size: 512B - Virtual size: 100B

.text6
Size: 512B - Virtual size: 100B

.text5
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 992B