daf7f3911a4640a14a35632574939bb2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

daf7f3911a4640a14a35632574939bb2_JaffaCakes118
Size

580KB
MD5

daf7f3911a4640a14a35632574939bb2
SHA1

5eed754ee936f97c3faf09ed90361816fbfdb21c
SHA256

bf111ee3d42a9cc8979bbe25207d7ffd508b5070d87b568ec2a3bb2a6a8f11ea
SHA512

5fd020f4216c55286b25dad080d02d258c2c3bcd3e227b4f826f67b81dcf67da6eb91970ab9aca86bc7876e548989b4fb6e836f589cab64581f57f4748ffb381
SSDEEP

6144:ln4N8iXN8iXN8iXN8iXN8iXN8iXN8dxSbiccVJJGUr0AUtG:143X3X3X3X3X3XwqicuGUrXCG

Score

1^/10

Malware Config

Signatures

Files

daf7f3911a4640a14a35632574939bb2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f01524d13bda7de5bd08321ecf244266

Code Sign

2a:4d:cf:17:2b:de:e4:9e:4c:b2:f2:5c:14:5f:0d:cf
Certificate

Issuer

CN=XZXCLXDY

Not Before

20/11/2018, 21:44

Not After

31/12/2039, 23:59

Subject

CN=XZXCLXDY

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31/12/2015, 00:00

Not After

09/07/2019, 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c2:64:58:1e:f7:ca:39:a3:9b:f2:f8:9b:c1:09:8b:18:d9:b4:71:b1:44:f2:ee:37:fe:ee:dd:88:7c:d6:29:00
Signer

Actual PE Digest

c2:64:58:1e:f7:ca:39:a3:9b:f2:f8:9b:c1:09:8b:18:d9:b4:71:b1:44:f2:ee:37:fe:ee:dd:88:7c:d6:29:00

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleA
WriteConsoleW
WriteFile
lstrlenA
LoadLibraryA
VirtualAlloc
GetModuleHandleA
WideCharToMultiByte
LCMapStringA
VirtualFree
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetCommandLineA
WaitForSingleObject
WaitForMultipleObjects
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateProcess
TerminateJobObject
Sleep
SetUnhandledExceptionFilter
SetStdHandle
SetLastError
SetHandleCount
SetFilePointer
SetEvent
SetErrorMode
SetEnvironmentVariableW
SetEnvironmentVariableA
SetEndOfFile
SetCurrentDirectoryW
SetConsoleCursorPosition
RtlUnwind
ReadFile
ReadConsoleOutputCharacterA
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringW
MultiByteToWideChar
MulDiv
MoveFileW
LocalFree
LocalAlloc
LoadLibraryW
LeaveCriticalSection
LCMapStringW
IsValidLocale
IsValidCodePage
IsProcessorFeaturePresent
IsDebuggerPresent
IsBadStringPtrA
IsBadReadPtr
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
HeapSize
HeapSetInformation
HeapReAlloc
HeapFree
HeapCreate
HeapAlloc
GlobalUnlock
GlobalSize
GlobalLock
GlobalFree
GlobalAlloc
GetWindowsDirectoryW
GetVolumeInformationW
GetVersionExW
GetUserDefaultLCID
GetTimeZoneInformation
GetTimeFormatW
GetTickCount
GetTempPathW
GetTempFileNameW
GetSystemTimeAsFileTime
GetSystemTime
GetStringTypeW
GetStdHandle
GetStartupInfoW
GetProcessHeap
GetProcAddress
GetOEMCP
GetModuleHandleW
GetModuleFileNameW
GetLogicalDriveStringsW
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileAttributesW
GetExitCodeThread
GetEnvironmentVariableW
GetEnvironmentStringsW
GetDriveTypeW
GetDefaultCommConfigW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetConsoleScreenBufferInfo
GetConsoleMode
GetConsoleCP
GetConsoleAliasesW
GetCommandLineW
GetCPInfo
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeConsole
FormatMessageW
FlushFileBuffers
FindNextFileW
FindFirstFileW
FindClose
FindAtomW
FillConsoleOutputCharacterW
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
ExitProcess
EnumSystemLocalesA
EnterCriticalSection
EndUpdateResourceW
EncodePointer
DeleteFileW
DeleteCriticalSection
DecodePointer
DebugBreak
CreateFileW
CopyFileW
CompareStringW
CloseHandle
BeginUpdateResourceA
GetStringTypeA
AddConsoleAliasA

user32

SetMenu
SetMenuInfo
SetMenuItemInfoW
SetParent
SetRect
SetScrollInfo
SetTimer
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowCursor
ShowWindow
SwitchDesktop
SystemParametersInfoW
TabbedTextOutW
TrackPopupMenu
TranslateAcceleratorW
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnpackDDElParam
UnregisterClassW
UnregisterHotKey
UpdateWindow
UserHandleGrantAccess
ValidateRect
ValidateRgn
VkKeyScanW
WindowFromPoint
keybd_event
wsprintfA
wsprintfW
InSendMessage
LoadIconA
PostMessageW
PeekMessageW
PackDDElParam
OpenDesktopA
OffsetRect
MsgWaitForMultipleObjects
MoveWindow
MonitorFromPoint
ModifyMenuW
MessageBoxW
MessageBoxA
MessageBeep
MapWindowPoints
MapVirtualKeyW
MapDialogRect
LockSetForegroundWindow
LoadMenuIndirectA
LoadKeyboardLayoutA
LoadImageW
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsWindowVisible
IsWindowEnabled
IsWindow
IsIconic
IsDialogMessageW
IsClipboardFormatAvailable
IsChild
InvalidateRect
InsertMenuW
InsertMenuItemW
InflateRect
HideCaret
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetWindowPlacement
GetWindowModuleFileNameA
GetWindowLongW
GetWindowDC
GetWindow
GetUpdateRgn
GetTopWindow
GetSystemMetrics
SetForegroundWindow
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollInfo
GetPriorityClipboardFormat
GetParent
GetMessageW
GetMessageTime
GetMessagePos
GetMenuState
GetMenuItemInfoW
GetMenuItemCount
GetKeyboardLayoutList
GetKeyState
GetIconInfo
GetFocus
GetDoubleClickTime
GetDlgItem
GetDialogBaseUnits
GetDesktopWindow
GetDC
GetCursorPos
GetCursor
GetClipboardFormatNameW
GetClientRect
GetClassNameW
GetClassLongW
GetCapture
GetAsyncKeyState
GetAltTabInfoW
GetActiveWindow
FlashWindow
FindWindowW
FindWindowExW
FillRect
EnumThreadWindows
EnumDisplaySettingsW
EnumDisplayDevicesA
EndPaint
EndDeferWindowPos
EnableWindow
EnableScrollBar
EnableMenuItem
DrawTextW
DrawStateW
DrawMenuBar
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DlgDirSelectExA
DispatchMessageW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DestroyAcceleratorTable
DeferWindowPos
DefWindowProcW
DdeUninitialize
DdeQueryStringW
DdePostAdvise
DdeNameService
DdeInitializeW
DdeGetLastError
DdeGetData
DdeFreeStringHandle
DdeFreeDataHandle
DdeDisconnect
DdeCreateStringHandleW
SetFocus
SetDlgItemTextA
SetDebugErrorLevel
SetCursorPos
SetCursor
SetClassLongW
SetCapture
SendNotifyMessageW
SendMessageW
ScrollWindow
ScreenToClient
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterHotKey
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
AdjustWindowRectEx
AppendMenuW
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcW
ChangeDisplaySettingsW
CharLowerBuffW
CharNextExA
CharPrevA
CheckMenuItem
CheckMenuRadioItem
ChildWindowFromPoint
PtInRect
PostThreadMessageW
GetSystemMenu
PostQuitMessage
DdeCreateDataHandle
DdeConnect
DdeClientTransaction
DdeAbandonTransaction
CreateWindowStationW
CreateWindowExW
CreatePopupMenu
CreateMenu
CreateIconIndirect
CreateDialogParamW
CreateDialogIndirectParamW
CreateAcceleratorTableW
CopyRect
CopyIcon
ClientToScreen
ChildWindowFromPointEx
IsZoomed

gdi32

GetCharABCWidthsW
GetClipBox
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileHeader
GetEnhMetaFileW
GetNearestPaletteIndex
GetObjectW
GetOutlineTextMetricsW
GetPaletteEntries
GetPixel
GetRegionData
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentExPointW
GetTextExtentPoint32W
GetTextMetricsW
LineTo
MaskBlt
MoveToEx
OffsetRgn
Pie
PlayEnhMetaFile
PolyBezier
PolyPolygon
Polygon
Polyline
GetBkColor
RealizePalette
RectInRegion
Rectangle
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetBkColor
SetBkMode
SetBrushOrgEx
SetMapMode
SetPixel
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StartDocW
StartPage
StretchBlt
StretchDIBits
GdiFlush
ExtTextOutW
ExtSelectClipRgn
ExtFloodFill
ExtCreateRegion
ExtCreatePen
EqualRgn
ExcludeClipRect
EnumFontFamiliesExW
EngDeletePath
EndPage
EndDoc
Ellipse
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgnIndirect
CreateRectRgn
CreatePen
CreatePatternBrush
CreatePalette
CreateICW
CreateHatchBrush
CreateFontIndirectW
CreateEnhMetaFileW
CreateDIBitmap
CreateDIBSection
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CombineRgn
CloseEnhMetaFile
PtInRegion
Arc
BitBlt

comdlg32

PageSetupDlgW
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
ChooseFontW
ChooseColorW
PrintDlgW

advapi32

GetUserNameW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey

shell32

ExtractIconExW
ShellExecuteW
SHGetSpecialFolderLocation
CheckEscapesW
DragAcceptFiles
DragFinish
DragQueryFileAorW
DragQueryFileW
DragQueryPoint
ShellHookProc
ExtractIconW
SHBrowseForFolder
SHFileOperationW
SHGetDesktopFolder
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListW

ole32

RevokeDragDrop
ReleaseStgMedium
RegisterDragDrop
OleUninitialize
OleSetClipboard
OleIsCurrentClipboard
OleInitialize
OleGetClipboard
OleFlushClipboard
CoTaskMemFree
CoTaskMemAlloc
CoLockObjectExternal
CoCreateInstance

shlwapi

StrStrIA
StrStrA
StrToIntW

comctl32

ImageList_Destroy
ImageList_DragEnter
ImageList_BeginDrag
ImageList_Add
ImageList_DragLeave
ImageList_DragMove
ImageList_Draw
ImageList_EndDrag
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_Create
ImageList_SetDragCursorImage

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 301KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f01524d13bda7de5bd08321ecf244266

Code Sign

2a:4d:cf:17:2b:de:e4:9e:4c:b2:f2:5c:14:5f:0d:cfCertificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

c2:64:58:1e:f7:ca:39:a3:9b:f2:f8:9b:c1:09:8b:18:d9:b4:71:b1:44:f2:ee:37:fe:ee:dd:88:7c:d6:29:00Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

comctl32

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 301KB - Virtual size: 300KB

.data Size: 36KB - Virtual size: 39KB

.rsrc Size: 210KB - Virtual size: 209KB

2a:4d:cf:17:2b:de:e4:9e:4c:b2:f2:5c:14:5f:0d:cf
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

c2:64:58:1e:f7:ca:39:a3:9b:f2:f8:9b:c1:09:8b:18:d9:b4:71:b1:44:f2:ee:37:fe:ee:dd:88:7c:d6:29:00
Signer

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 301KB - Virtual size: 300KB

.data
Size: 36KB - Virtual size: 39KB

.rsrc
Size: 210KB - Virtual size: 209KB