e1c20d60f17d219f6f7fd3e39bc1c396_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e1c20d60f17d219f6f7fd3e39bc1c396_JaffaCakes118
Size

92KB
MD5

e1c20d60f17d219f6f7fd3e39bc1c396
SHA1

7bfd2e391c6e43385d96abb9147750baaef28033
SHA256

f294fbbafd14536e870392e30a4285b4a65048ebfcf1858291cb3699dd4e1819
SHA512

d82f84645af45f79c6091b5e2b85805a6a10008fe9aad1cfafe230587be26a913d02c937b232bcd2540df1ad741babdc15ad547d85b96c8855369e18eec666f9
SSDEEP

1536:G93cDBQCpF5iLQh+l9rzER0LkQd0eoLzxcibkhkhXmH8Wnu82zmMFGh3M3cxaGqm:G9QQy5izNq0rQzxcibQkmcWSzXGhGway

Score

1^/10

Malware Config

Signatures

Files

e1c20d60f17d219f6f7fd3e39bc1c396_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cd34c5dd3642bd8246f2c1a96801d21c

Code Sign

15:ef:f5:61:43:cd:3a:42:b4:42:68:08:e2:bf:e2:d0
Certificate

Issuer

CN=GFCZMAWXIKOQLUEGAX

Not Before

02-05-2019 12:01

Not After

31-12-2039 23:59

Subject

CN=GFCZMAWXIKOQLUEGAX

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

70:be:4b:74:43:c7:39:a4:18:39:de:2f:52:c6:52:fd:e1:2e:c6:f1:76:c9:2d:d3:2c:d5:c8:5e:db:e4:59:f5
Signer

Actual PE Digest

70:be:4b:74:43:c7:39:a4:18:39:de:2f:52:c6:52:fd:e1:2e:c6:f1:76:c9:2d:d3:2c:d5:c8:5e:db:e4:59:f5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileW
FindNextFileW
FindResourceA
FindResourceW
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentStrings
GetEnvironmentStringsW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFileTime
GetFileType
GetLastError
GetLocaleInfoA
GetLogicalDrives
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetPriorityClass
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProcessIoCounters
GetProcessVersion
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathW
GetThreadContext
GetThreadLocale
GetThreadPriority
GetTickCount
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationA
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFree
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapCreate
FindFirstFileA
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockResource
MapViewOfFile
MulDiv
MultiByteToWideChar
OpenEventA
OpenFileMappingA
OpenMutexW
OpenProcess
OutputDebugStringW
PulseEvent
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReadProcessMemory
ReleaseMutex
ReleaseSemaphore
ResetEvent
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetErrorMode
SetEvent
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetPriorityClass
SetStdHandle
SetThreadAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualProtectEx
VirtualQuery
VirtualQueryEx
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WriteProcessMemory
lstrcmpA
lstrlenW
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExitProcess
EnumResourceNamesW
EnterCriticalSection
DuplicateHandle
DosDateTimeToFileTime
DeviceIoControl
DeleteCriticalSection
CreateThread
CreateSemaphoreW
CreateProcessW
CreateMutexW
CreateMutexA
CreateJobObjectW
CreateFileW
CreateFileMappingW
CreateFileMappingA
CreateFileA
CreateEventW
CreateEventA
CopyFileW
CompareStringW
CloseHandle
GetModuleHandleW
HeapDestroy
VirtualAllocEx

user32

GetDC
GetForegroundWindow
GetIconInfo
GetMenu
GetMenuInfo
GetMessageW
GetParent
GetPropA
GetSystemMenu
GetSystemMetrics
GetThreadDesktop
GetTopWindow
GetUserObjectInformationW
GetWindow
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowThreadProcessId
IMPQueryIMEA
ImpersonateDdeClientWindow
InflateRect
InvalidateRect
IsCharAlphaNumericW
IsIconic
IsWindow
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsW
LoadBitmapW
LoadCursorW
LoadIconW
LoadImageW
LoadKeyboardLayoutW
LoadStringW
LookupIconIdFromDirectory
MessageBoxW
MsgWaitForMultipleObjects
OemToCharA
OffsetRect
OpenWindowStationA
PostMessageA
PostMessageW
PostQuitMessage
PostThreadMessageA
RegisterClassExW
RegisterHotKey
RegisterWindowMessageW
ReleaseDC
RemovePropA
ReuseDDElParam
ScrollDC
GetClipboardFormatNameA
SendMessageA
SendMessageCallbackA
SendMessageTimeoutA
SendMessageTimeoutW
SendMessageW
SetClassLongW
SetClipboardData
SetCursorPos
SetForegroundWindow
SetParent
SetPropA
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
ShowOwnedPopups
ShowWindow
SystemParametersInfoW
TabbedTextOutA
TranslateAcceleratorW
TranslateMessage
UpdateWindow
WaitForInputIdle
wsprintfW
wvsprintfA
EnableWindow
EnableMenuItem
DrawTextW
DrawFrameControl
DrawFocusRect
DispatchMessageW
DialogBoxParamW
DestroyWindow
DestroyIcon
DefWindowProcW
DefDlgProcW
DdeGetData
CreateWindowExW
CreatePopupMenu
CreateMDIWindowA
CreateDesktopA
ChildWindowFromPointEx
CharUpperW
CharUpperBuffW
GetClientRect
GetClassWord
GetClassNameA
GetClassLongW
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowW
FindWindowExW
FindWindowExA
EnumWindows
EnumThreadWindows
EnumDisplaySettingsW
EnumDisplayDevicesW
AdjustWindowRectEx
AnimateWindow
AttachThreadInput
BeginPaint
CallMsgFilter
CascadeChildWindows
ChangeDisplaySettingsExW
CharLowerW
EnumDesktopWindows
EndPaint
SendInput
EndDialog

gdi32

RectInRegion
GetDeviceGammaRamp
cGetTTFFromFOT
GetCharacterPlacementA
GdiConvertToDevmodeW
GdiConvertBitmap
FlattenPath
FONTOBJ_pifi
EudcLoadLinkW
EngReleaseSemaphore
EngQueryLocalTime
EngEraseSurface
DescribePixelFormat
SetDIBits
CreateEllipticRgn

advapi32

RegQueryValueExA
RegOpenKeyA

shell32

Shell_NotifyIconW
ShellExecuteW
ExtractAssociatedIconA
FindExecutableA
SHCreateDirectoryExW
SHFileOperation
SHFormatDrive
SHGetDataFromIDListW
SHGetDesktopFolder
SHGetFolderPathA
SHGetPathFromIDListA
ShellAboutA
WOWShellExecute

ole32

OleUninitialize
GetHGlobalFromStream
CreateStreamOnHGlobal
CoUninitialize
CoTaskMemFree
CoInitialize
CoCreateInstance
CoCreateGuid

shlwapi

StrCmpNIA
StrRStrIW

comctl32

ImageList_GetIconSize
ImageList_Read
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_GetImageCount
ImageList_Write

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd34c5dd3642bd8246f2c1a96801d21c

Code Sign

15:ef:f5:61:43:cd:3a:42:b4:42:68:08:e2:bf:e2:d0Certificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

70:be:4b:74:43:c7:39:a4:18:39:de:2f:52:c6:52:fd:e1:2e:c6:f1:76:c9:2d:d3:2c:d5:c8:5e:db:e4:59:f5Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

comctl32

Sections

.text Size: 72KB - Virtual size: 72KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 284B

.rsrc Size: 4KB - Virtual size: 4KB

15:ef:f5:61:43:cd:3a:42:b4:42:68:08:e2:bf:e2:d0
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

70:be:4b:74:43:c7:39:a4:18:39:de:2f:52:c6:52:fd:e1:2e:c6:f1:76:c9:2d:d3:2c:d5:c8:5e:db:e4:59:f5
Signer

.text
Size: 72KB - Virtual size: 72KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 284B

.rsrc
Size: 4KB - Virtual size: 4KB