de9cf724678389e4441be836c61847bc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

de9cf724678389e4441be836c61847bc_JaffaCakes118
Size

437KB
MD5

de9cf724678389e4441be836c61847bc
SHA1

4359e2346a84476c563bd69ee471431f121e5b25
SHA256

28ab808ac948aa01d7b63cecaa3fc631905fbafa3aa1546cd1f4343f321df5c5
SHA512

13f6926fdaeb4d403d4189d6e92cdb2720f4bb2ab60681449c6d49557c3d288ae058571455611ca42fafd14bc2f7d7a07400b55f1e6a27bf6bcb42734590855b
SSDEEP

3072:Rpb5KYy7XCQW4rKMXxgT1urCd1o+RNLz1sqYaj8XJXJ92iCBWb:1FAKCxgAOXPRNLIaj8XMo

Score

1^/10

Malware Config

Signatures

Files

de9cf724678389e4441be836c61847bc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

00b71178c103f4d32a6f68182eee6e23

Code Sign

1a:9b:ac:cd:da:88:c7:80:40:57:e3:46:fb:b5:a2:6f
Certificate

Issuer

CN=DJSWGGHF

Not Before

16/03/2019, 19:27

Not After

31/12/2039, 23:59

Subject

CN=DJSWGGHF

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31/12/2015, 00:00

Not After

09/07/2019, 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

96:18:3e:ee:d1:90:3c:32:0f:32:2e:3b:c7:09:60:f0:d2:d8:c7:29:91:f0:97:b2:96:a2:ae:53:7d:ec:63:20
Signer

Actual PE Digest

96:18:3e:ee:d1:90:3c:32:0f:32:2e:3b:c7:09:60:f0:d2:d8:c7:29:91:f0:97:b2:96:a2:ae:53:7d:ec:63:20

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
WideCharToMultiByte
WriteFile
lstrcatW
lstrcmpA
lstrcmpW
TlsSetValue
lstrcmpiW
lstrcpyW
lstrcpynA
lstrcpynW
lstrlenW
TlsGetValue
TlsFree
TlsAlloc
TerminateProcess
Sleep
SetUnhandledExceptionFilter
SetLastError
SetFileAttributesW
SetCurrentDirectoryW
RtlUnwind
QueryPerformanceCounter
OutputDebugStringW
MultiByteToWideChar
LocalFree
LocalAlloc
LoadLibraryW
LoadLibraryExW
LoadLibraryExA
LeaveCriticalSection
LCMapStringW
IsValidCodePage
IsProcessorFeaturePresent
IsDebuggerPresent
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSectionAndSpinCount
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GlobalFree
GlobalAlloc
GetVersionExW
GetTickCount
GetSystemTimeAsFileTime
GetSystemDirectoryW
GetSystemDefaultUILanguage
GetStringTypeW
GetStdHandle
GetStartupInfoW
GetStartupInfoA
GetShortPathNameW
GetProcessHeap
GetProcAddress
GetOEMCP
GetModuleHandleW
GetModuleHandleExW
GetModuleFileNameW
GetLastError
GetFileType
GetFileAttributesW
GetEnvironmentStringsW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetConsoleMode
GetConsoleCP
GetCommandLineW
GetCPInfo
GetACP
FreeLibrary
FreeEnvironmentStringsW
FormatMessageW
FlushFileBuffers
FindNextFileW
FindFirstFileW
FindClose
ExpandEnvironmentStringsW
ExitProcess
EnterCriticalSection
EncodePointer
DeleteFileW
DeleteCriticalSection
DecodePointer
CreateFileW
CreateDirectoryW
CopyFileW
VirtualAllocEx
lstrcmpiA
GetModuleHandleA

user32

GetDC
GetDCEx
GetDlgCtrlID
GetDlgItem
GetDlgItemTextA
GetFocus
GetForegroundWindow
GetGUIThreadInfo
GetKeyState
GetLastActivePopup
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuState
GetMenuStringA
GetCursorPos
GetMessagePos
GetMessageTime
GetNextDlgGroupItem
GetNextDlgTabItem
GetParent
GetPropA
GetSubMenu
GetSysColor
GetSysColorBrush
GetTopWindow
GetUpdateRect
GetWindow
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
GrayStringA
HideCaret
IMPQueryIMEW
InflateRect
IntersectRect
InvalidateRect
IsChild
IsClipboardFormatAvailable
IsDialogMessageA
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
LoadImageW
LoadStringA
LockWindowUpdate
MapDialogRect
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxW
ModifyMenuA
ModifyMenuW
MoveWindow
MsgWaitForMultipleObjects
OffsetRect
PeekMessageA
PostMessageA
PostQuitMessage
PostThreadMessageA
PtInRect
RegisterClassA
RegisterClassW
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
SendDlgItemMessageA
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetClassLongW
SetClipboardViewer
SetCursor
SetCursorPos
SetDlgItemTextA
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetMenuItemBitmaps
SetParent
SetPropA
SetRect
SetRectEmpty
SetShellWindow
SetTimer
SetWindowContextHelpId
SetWindowLongA
SetWindowPos
SetWindowTextA
SetWindowTextW
SetWindowsHookExA
ShowCaret
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
TabbedTextOutA
TrackPopupMenu
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UpdateWindow
ValidateRect
WinHelpA
WindowFromPoint
wsprintfA
wsprintfW
GetClientRect
GetClassNameA
GetClassLongA
GetClassInfoA
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowW
FindWindowA
FillRect
ExitWindowsEx
ExcludeUpdateRgn
EqualRect
EnumWindows
EnumDisplayMonitors
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableMenuItem
DrawTextW
DrawTextA
DrawStateA
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DispatchMessageA
DestroyMenu
DestroyIcon
DeleteMenu
DeferWindowPos
DefWindowProcW
DefWindowProcA
DefDlgProcA
DdeGetLastError
CreateWindowStationW
CreateWindowExW
CreateWindowExA
CreatePopupMenu
CreateDialogParamW
CreateDialogParamA
CreateDialogIndirectParamA
CopyRect
CopyImage
CopyIcon
CopyAcceleratorTableA
ClientToScreen
ChildWindowFromPointEx
ChildWindowFromPoint
CheckMenuRadioItem
CheckMenuItem
CharUpperA
ChangeClipboardChain
CascadeChildWindows
CallWindowProcA
CallNextHookEx
BeginPaint
BeginDeferWindowPos
AppendMenuW
AppendMenuA
AdjustWindowRectEx
EndMenu
GetClipboardViewer
GetDesktopWindow
PaintDesktop
GetSystemMetrics
GetMenuCheckMarkDimensions
GetDoubleClickTime
CharNextA
CharNextW
GetCapture
GetShellWindow
GetDialogBaseUnits
CloseWindowStation
CloseClipboard
LoadCursorFromFileA
GetThreadDesktop
DestroyWindow
GetMenu
DrawMenuBar
OpenIcon
GetMessageA

gdi32

GetTextFaceW
LineTo
MoveToEx
PolyPolyline
PolyTextOutA
RectVisible
Rectangle
ResetDCA
STROBJ_dwGetCodePage
SelectObject
GetTextCharacterExtra
SetBitmapBits
SetColorSpace
SetGraphicsMode
SetLayout
SetPixel
StretchDIBits
UpdateICMRegKeyW
XLATEOBJ_piVector
bInitSystemAndFontsDirectoriesW
GetTextAlign
GetStockObject
GetRegionData
GetGlyphIndicesW
GetDeviceCaps
GetClipRgn
GdiSwapBuffers
GdiStartDocEMF
GdiSetPixelFormat
GdiRealizationInfo
GdiFixUpHandle
GdiEntry6
GdiEntry4
GdiConvertBitmapV5
EnumObjects
EnumICMProfilesW
EngDeletePalette
DeleteObject
CreateSolidBrush
CreatePen
CreateFontIndirectW
CreateDCW
BeginPath
DeleteDC
EndPath
CloseMetaFile
FlattenPath
GetEnhMetaFileA
CreatePatternBrush
SetAbortProc
GetDCPenColor

advapi32

SetThreadToken
SetServiceStatus
SetFileSecurityW
RegisterServiceCtrlHandlerW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegNotifyChangeKeyValue
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
OpenThreadToken
LookupAccountNameW
FreeSid
DuplicateToken
CryptReleaseContext
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptCreateHash
CryptAcquireContextW
ConvertStringSecurityDescriptorToSecurityDescriptorW
CheckTokenMembership
AllocateAndInitializeSid
RegOpenKeyA
RegQueryValueExA
StartServiceCtrlDispatcherW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00b71178c103f4d32a6f68182eee6e23

Code Sign

1a:9b:ac:cd:da:88:c7:80:40:57:e3:46:fb:b5:a2:6fCertificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

96:18:3e:ee:d1:90:3c:32:0f:32:2e:3b:c7:09:60:f0:d2:d8:c7:29:91:f0:97:b2:96:a2:ae:53:7d:ec:63:20Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 54KB - Virtual size: 53KB

.data Size: 209KB - Virtual size: 209KB

.rsrc Size: 143KB - Virtual size: 143KB

1a:9b:ac:cd:da:88:c7:80:40:57:e3:46:fb:b5:a2:6f
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

96:18:3e:ee:d1:90:3c:32:0f:32:2e:3b:c7:09:60:f0:d2:d8:c7:29:91:f0:97:b2:96:a2:ae:53:7d:ec:63:20
Signer

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 54KB - Virtual size: 53KB

.data
Size: 209KB - Virtual size: 209KB

.rsrc
Size: 143KB - Virtual size: 143KB