e6e279f1a938bb1a0d6771102ecf7473_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e6e279f1a938bb1a0d6771102ecf7473_JaffaCakes118
Size

108KB
MD5

e6e279f1a938bb1a0d6771102ecf7473
SHA1

6c63d691151286f95bdc32a784d7c89af4f9dda5
SHA256

3f037bf4df8f5cc4573f51d846990347d85f2ccd5388240a64594ce24cc4c5ff
SHA512

de082becd9b3ad6f6cd3f2c88f5e5918008fb3f0d05cb638004fdef9ca30572dd24a0192b22b8ad33370148e3650ea8f7b8c10b7dd4e635a34e566725b3a7709
SSDEEP

3072:BGwQXaREou7H7A5GQLcMSGikCJQ+nek9V:0wvRxkJEqU5+Zf

Score

1^/10

Malware Config

Signatures

Files

e6e279f1a938bb1a0d6771102ecf7473_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ca0ae98c98812c4f76949c9b32d584f8

Code Sign

03:a8:e5:de:01:ba:2e:4b:bf:85:38:9a:b8:c8:d3:dc
Certificate

Issuer

CN=PEPKFGFYGJKXFGAYCY

Not Before

22-05-2019 14:07

Not After

31-12-2039 23:59

Subject

CN=PEPKFGFYGJKXFGAYCY

Extended Key Usages

ExtKeyUsageCodeSigning

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07-06-2005 08:09

Not After

30-05-2020 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27-04-2011 00:00

Not After

30-05-2020 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02-05-2019 00:00

Not After

30-05-2020 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

39:0d:2d:36:33:e5:f0:57:2e:4a:d7:84:ab:0e:17:75:be:b0:57:d1
Signer

Actual PE Digest

39:0d:2d:36:33:e5:f0:57:2e:4a:d7:84:ab:0e:17:75:be:b0:57:d1

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
GetModuleHandleW
GetUserDefaultUILanguage
DuplicateHandle
WaitForSingleObject
Sleep
GetCurrentProcess
CreateThread
SetThreadPriority
TerminateThread
ResumeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemInfo
WaitForMultipleObjects
CreateFileW
FlushFileBuffers
GetFileType
GetLogicalDrives
ReadFile
SetEndOfFile
SetFilePointerEx
WriteFile
SetErrorMode
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
MoveFileExW
GetCurrentDirectoryW
CreateDirectoryW
FindClose
FindFirstFileW
GetFileAttributesExW
GetFileInformationByHandle
GetFullPathNameW
GetLongPathNameW
RemoveDirectoryW
GetTempPathW
DeviceIoControl
MoveFileW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
QueryPerformanceCounter
GetCurrencyFormatW
GetTickCount
FindFirstFileExW
GetTimeFormatW
GetStartupInfoW
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
GetTimeZoneInformation
GetGeoInfoW
GetUserGeoID
GetModuleHandleExW
ExitProcess
GetVolumeInformationW
lstrcmpW
ReleaseMutex
CreateMutexW
VirtualAlloc
VirtualFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
EncodePointer
RaiseException
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
SetLastError
GetCommandLineA
ExitThread
FreeLibraryAndExitThread
SetStdHandle
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetStdHandle
GetModuleFileNameA
GetACP
HeapFree
HeapAlloc
LCMapStringW
EnumSystemLocalesW
DecodePointer
HeapReAlloc
GetCPInfo
SetEnvironmentVariableA
WriteConsoleW
GetStringTypeW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
FindFirstFileExA
FindNextFileA
HeapSize
GetDateFormatW
GetThreadPriority
GetCurrentThread
ResetEvent
LoadLibraryW
GetSystemDirectoryW
CreateEventW
WaitForSingleObjectEx
SetEvent
GetConsoleWindow
OutputDebugStringW
FindNextChangeNotification
GetLocalTime
GetSystemTime
GetUserDefaultLCID
CompareStringW
GetCurrentProcessId
GlobalSize
LoadLibraryA
GetLocaleInfoW
GlobalUnlock
GlobalLock
GlobalAlloc
OpenProcess
CheckRemoteDebuggerPresent
GetUserDefaultLangID
CreateProcessW
CloseHandle
ExpandEnvironmentStringsW
IsValidLocale
IsValidLanguageGroup
FormatMessageW
GetProcAddress
GetCurrentThreadId
GetLastError
FindNextFileW
FindCloseChangeNotification
FindFirstChangeNotificationW
LocalFree
GetCommandLineW
GetVersionExW
CopyFileW
SetFileAttributesW
GetFileAttributesW
GetDriveTypeW
QueryPerformanceFrequency
DeleteFileW
GetStartupInfoA
GetModuleHandleA

user32

GetDesktopWindow
GetClipboardOwner
GetThreadDesktop
GetCaretBlinkTime
DestroyWindow
GetKeyState
IsIconic
GetTopWindow
GetSysColor
GetListBoxInfo
IsWindowVisible
ToUnicode
MapVirtualKeyW
GetMenu
TrackPopupMenuEx
SetMenuItemInfoW
NotifyWinEvent
SetCursorPos
GetCursor
LoadCursorW
CreateCursor
CreateIconIndirect
GetCursorInfo
RegisterClassW
GetClipboardFormatNameW
TrackMouseEvent
GetMessageExtraInfo
GetWindowTextW
EnumWindows
RealGetWindowClassW
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CharNextExA
MessageBoxW
ToAscii
GetKeyboardState
IsZoomed
PeekMessageW
SetCaretPos
GetDC
ReleaseDC
DestroyIcon
DrawIconEx
GetIconInfo
HideCaret
DestroyCaret
CreateCaret
RegisterWindowMessageW
GetKeyboardLayout
GetAsyncKeyState
RegisterClipboardFormatW
ChangeClipboardChain
SetClipboardViewer
LoadIconW
RegisterClassExW
GetClassInfoW
UnregisterClassW
GetKeyboardLayoutList
GetAncestor
DestroyCursor
GetWindowThreadProcessId
SetParent
GetParent
SetWindowLongW
GetWindowLongW
ScreenToClient
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
SetWindowTextW
InvalidateRect
EnumDisplayMonitors
GetMonitorInfoW
LoadImageW
GetSysColorBrush
SetWindowRgn
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
EnableMenuItem
GetSystemMenu
GetSystemMetrics
ReleaseCapture
SetCapture
GetCapture
SetFocus
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
IsChild
CreateWindowExW
DefWindowProcW
AttachThreadInput
PostMessageW
SendMessageW
SystemParametersInfoW
MessageBeep
GetDoubleClickTime
ChildWindowFromPointEx
GetCursorPos
GetClientRect
GetFocus
ShowWindow

gdi32

GetTextAlign
GetDCPenColor
CloseMetaFile
CreateMetaFileA
FillPath
GetFontLanguageInfo
GetSystemPaletteUse
GetLayout

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegQueryValueExW
OpenProcessToken
CopySid
FreeSid
GetLengthSid
GetTokenInformation
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegQueryInfoKeyW
RegSetValueExW
SystemFunction036
RegOpenKeyExW

ole32

StringFromGUID2
CoTaskMemAlloc
CoGetMalloc
CoUninitialize
CoTaskMemFree
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleSetClipboard
CoCreateGuid
OleUninitialize
OleInitialize
RevokeDragDrop
CoCreateInstance
ReleaseStgMedium
RegisterDragDrop
CoLockObjectExternal
CoInitialize

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_controlfp

imm32

ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetVirtualKey
ImmGetDefaultIMEWnd
ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmNotifyIME
ImmGetCompositionStringW

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca0ae98c98812c4f76949c9b32d584f8

Code Sign

03:a8:e5:de:01:ba:2e:4b:bf:85:38:9a:b8:c8:d3:dcCertificate

Extended Key Usages

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19Certificate

Extended Key Usages

Key Usages

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49Certificate

Extended Key Usages

Key Usages

39:0d:2d:36:33:e5:f0:57:2e:4a:d7:84:ab:0e:17:75:be:b0:57:d1Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

msvcrt

imm32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 75KB - Virtual size: 75KB

.rsrc Size: 1024B - Virtual size: 800B

03:a8:e5:de:01:ba:2e:4b:bf:85:38:9a:b8:c8:d3:dc
Certificate

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

39:0d:2d:36:33:e5:f0:57:2e:4a:d7:84:ab:0e:17:75:be:b0:57:d1
Signer

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 75KB - Virtual size: 75KB

.rsrc
Size: 1024B - Virtual size: 800B