eab61cde6b425aa02910b0457ce96084_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eab61cde6b425aa02910b0457ce96084_JaffaCakes118
Size

415KB
MD5

eab61cde6b425aa02910b0457ce96084
SHA1

e162ff3453b4852384beddd101aa7067f783b667
SHA256

1d13e85e7ccc79e0101b115cc5f1e1444428c0a99df06427e69b846282c106eb
SHA512

00c8fe2897b10258256e296227f47446b415c5077630e7f8b3c6505e4581aa0cd3517070b7c49025a4e6695fd929f9f725f8795ea2482052ada6044ca6abf15f
SSDEEP

12288:qx6nSjvoPaP888888888888W88888888888/sbkzhB:m6nSjvhh1tB

Score

1^/10

Malware Config

Signatures

Files

eab61cde6b425aa02910b0457ce96084_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3e03b79d90cf898dc95da8286fe93799

Code Sign

3d:47:25:0f:44:d2:24:5f:b8:94:9e:40:9e:82:0b:4f
Certificate

Issuer

CN=WVPPEPGF

Not Before

14-03-2019 21:18

Not After

31-12-2039 23:59

Subject

CN=WVPPEPGF

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

19:86:1e:7e:85:7b:7a:b7:0e:69:c4:32:c6:79:58:c9:d4:19:b7:5c:fa:93:12:67:82:0b:a7:6f:b9:bc:16:13
Signer

Actual PE Digest

19:86:1e:7e:85:7b:7a:b7:0e:69:c4:32:c6:79:58:c9:d4:19:b7:5c:fa:93:12:67:82:0b:a7:6f:b9:bc:16:13

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryExW
LoadLibraryW
MapViewOfFile
MultiByteToWideChar
OpenEventW
OutputDebugStringW
QueryPerformanceCounter
ReleaseMutex
HeapAlloc
SetEndOfFile
SetFilePointer
SetLastError
SetUnhandledExceptionFilter
Sleep
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoW
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcatW
lstrlenW
GetVolumePathNameW
GetTimeZoneInformation
GetTickCount
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetSystemDirectoryW
GetStringTypeW
GetStdHandle
GetStartupInfoW
GetProcessHeap
GetProcAddress
GetOEMCP
GetModuleHandleW
GetModuleHandleExW
GetModuleFileNameW
GetLastError
GetFileType
GetFileSize
GetFileAttributesW
GetEnvironmentStringsW
GetDriveTypeW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetConsoleMode
GetConsoleCP
GetCommandLineW
GetCPInfo
GetACP
FreeLibrary
FreeEnvironmentStringsW
FormatMessageW
FlushFileBuffers
ExpandEnvironmentStringsW
ExitProcess
EnterCriticalSection
EncodePointer
DeleteCriticalSection
DecodePointer
CreateProcessW
CreateMutexW
CreateFileW
CreateFileMappingW
CreateDirectoryW
CompareStringW
CloseHandle
VirtualAlloc
RtlUnwind
GetModuleHandleA

user32

DrawIcon
DrawIconEx
DrawStateA
DrawTextA
DrawTextW
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EnumDisplayMonitors
EnumWindows
EqualRect
ExcludeUpdateRgn
ExitWindowsEx
FillRect
FindWindowA
FindWindowW
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassInfoA
GetClassLongA
GetClassNameA
GetClientRect
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
DrawFrameControl
GetDoubleClickTime
GetForegroundWindow
GetGUIThreadInfo
GetKeyState
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuState
GetMenuStringA
GetMessageA
GetMessagePos
GetMessageTime
GetNextDlgGroupItem
GetNextDlgTabItem
GetParent
GetPropA
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetTopWindow
GetUpdateRect
GetWindow
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
GrayStringA
HideCaret
IMPQueryIMEW
InflateRect
IntersectRect
InvalidateRect
IsChild
IsClipboardFormatAvailable
IsDialogMessageA
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
LoadImageW
LoadStringA
LockWindowUpdate
MapDialogRect
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxW
ModifyMenuA
ModifyMenuW
MoveWindow
MsgWaitForMultipleObjects
OffsetRect
PeekMessageA
PostMessageA
PostQuitMessage
PostThreadMessageA
PtInRect
RegisterClassA
RegisterClassW
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
SendDlgItemMessageA
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetClassLongW
SetClipboardViewer
SetCursor
SetCursorPos
SetDlgItemTextA
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetMenuItemBitmaps
SetParent
SetPropA
SetRect
SetRectEmpty
SetShellWindow
SetTimer
SetWindowContextHelpId
SetWindowLongA
SetWindowPos
SetWindowTextA
SetWindowTextW
SetWindowsHookExA
ShowCaret
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
TabbedTextOutA
TrackPopupMenu
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UpdateWindow
ValidateRect
WinHelpA
WindowFromPoint
wsprintfA
wsprintfW
DrawFocusRect
DispatchMessageA
DestroyMenu
DestroyIcon
DeleteMenu
DeferWindowPos
DefWindowProcW
DefWindowProcA
DefDlgProcA
DdeGetLastError
CreateWindowStationW
CreateWindowExW
CreateWindowExA
CreatePopupMenu
CreateDialogParamW
CreateDialogParamA
CreateDialogIndirectParamA
CopyRect
CopyImage
CopyIcon
CopyAcceleratorTableA
ClientToScreen
ChildWindowFromPointEx
ChildWindowFromPoint
CheckMenuRadioItem
CheckMenuItem
CharUpperA
CharNextA
ChangeClipboardChain
CascadeChildWindows
CallWindowProcA
CallNextHookEx
BeginPaint
BeginDeferWindowPos
AppendMenuW
AppendMenuA
AdjustWindowRectEx
GetFocus
OpenIcon
IsMenu
DestroyWindow
WindowFromDC
CloseWindowStation
GetListBoxInfo
CloseDesktop
CloseWindow
CreateMenu
IsCharAlphaNumericW
ReleaseCapture
GetDlgItemTextA

gdi32

CreateDCW
CreateFontIndirectW
CreatePen
CreateSolidBrush
DeleteObject
EngDeletePalette
EnumICMProfilesW
EnumObjects
GdiConvertBitmapV5
GdiEntry4
GdiEntry6
GdiFixUpHandle
GdiRealizationInfo
GdiSetPixelFormat
GdiStartDocEMF
GdiSwapBuffers
GetClipRgn
GetDeviceCaps
GetGlyphIndicesW
GetRegionData
GetStockObject
BeginPath
GetTextCharacterExtra
GetTextFaceW
LineTo
MoveToEx
PolyPolyline
PolyTextOutA
RectVisible
Rectangle
ResetDCA
STROBJ_dwGetCodePage
SelectObject
SetAbortProc
SetBitmapBits
SetColorSpace
SetGraphicsMode
SetLayout
SetPixel
StretchDIBits
UpdateICMRegKeyW
XLATEOBJ_piVector
bInitSystemAndFontsDirectoriesW
GetObjectType
GetTextAlign
CreatePatternBrush

advapi32

RegQueryValueExA
RegOpenKeyA

ole32

OleUninitialize
OleInitialize

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e03b79d90cf898dc95da8286fe93799

Code Sign

3d:47:25:0f:44:d2:24:5f:b8:94:9e:40:9e:82:0b:4fCertificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

19:86:1e:7e:85:7b:7a:b7:0e:69:c4:32:c6:79:58:c9:d4:19:b7:5c:fa:93:12:67:82:0b:a7:6f:b9:bc:16:13Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 141KB - Virtual size: 141KB

.rsrc Size: 215KB - Virtual size: 215KB

3d:47:25:0f:44:d2:24:5f:b8:94:9e:40:9e:82:0b:4f
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

19:86:1e:7e:85:7b:7a:b7:0e:69:c4:32:c6:79:58:c9:d4:19:b7:5c:fa:93:12:67:82:0b:a7:6f:b9:bc:16:13
Signer

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 141KB - Virtual size: 141KB

.rsrc
Size: 215KB - Virtual size: 215KB