f065c641af868a5ecf18682218fc6905_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f065c641af868a5ecf18682218fc6905_JaffaCakes118
Size

114KB
MD5

f065c641af868a5ecf18682218fc6905
SHA1

6cb99f7d6a14eff1ddf9bb216f33c9e6a147e3e3
SHA256

3772b05750ffa57e5454a6d115f5c30053195fefaef61a8dd699188b4fb7d1dd
SHA512

f20a3ab716ac29b7fda24391013d497ea568783680b0ec30e75acb77651f7040dee95d2ca7062710e34a5741388c1781b7eea877273360390b4397c441110759
SSDEEP

3072:FMB/At2MlFcATSuwl7lb83MUIBv/cfgg:OAtflFcATIl7lbQdC

Score

1^/10

Malware Config

Signatures

Files

f065c641af868a5ecf18682218fc6905_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d94756fe4f4bb107ffee5b31084e33e4

Code Sign

41:e3:33:b0:ce:cd:0d:40:bb:f1:e8:28:e5:de:39:bc
Certificate

Issuer

CN=HATOGJSNSRSDJJJLGH

Not Before

09-05-2019 21:03

Not After

31-12-2039 23:59

Subject

CN=HATOGJSNSRSDJJJLGH

Extended Key Usages

ExtKeyUsageCodeSigning

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02-05-2019 00:00

Not After

01-08-2030 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #1,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d5:a0:1d:1a:22:29:1d:60:0a:ac:f9:39:c0:05:da:db:fb:41:48:40:77:96:28:97:88:39:39:a3:ff:fd:2c:3d
Signer

Actual PE Digest

d5:a0:1d:1a:22:29:1d:60:0a:ac:f9:39:c0:05:da:db:fb:41:48:40:77:96:28:97:88:39:39:a3:ff:fd:2c:3d

Digest Algorithm

sha256

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
GlobalSize
MulDiv
GetTickCount
FileTimeToSystemTime
GetDiskFreeSpaceExW
LocalUnlock
LocalLock
GetVolumeInformationW
GetCurrentProcessId
ExpandEnvironmentStringsA
CreateFileW
SetFilePointer
ReadFile
WriteFile
GetFileTime
GetFileSize
GetFileAttributesW
DeleteFileW
GetTempFileNameW
WideCharToMultiByte
FormatMessageW
LocalAlloc
LocalFree
RemoveDirectoryW
CreateDirectoryW
GetFileAttributesExW
AreFileApisANSI
CreateMutexW
CreateEventW
ReleaseMutex
SetEvent
TerminateThread
GetExitCodeProcess
ResetEvent
PeekNamedPipe
WaitForMultipleObjects
CreatePipe
DuplicateHandle
CreateProcessW
TerminateProcess
GetTimeZoneInformation
GetDriveTypeW
DeviceIoControl
ExitProcess
QueryPerformanceCounter
GetFileType
SetHandleCount
LoadLibraryW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
GetACP
GetStdHandle
HeapSize
HeapReAlloc
HeapCreate
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LCMapStringW
GetCPInfo
GetSystemTimeAsFileTime
GetStartupInfoW
HeapSetInformation
GetCommandLineW
RtlUnwind
InitializeCriticalSection
DecodePointer
EncodePointer
GetStringTypeW
InterlockedExchange
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedPushEntrySList
InterlockedCompareExchange
GetNumberFormatW
GetLocaleInfoW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
DosDateTimeToFileTime
CompareFileTime
GetTempPathW
SystemTimeToFileTime
FindFirstFileW
FindNextFileW
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
GetLocalTime
GetDateFormatW
LockResource
lstrlenA
lstrcpynW
lstrcmpW
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
FreeLibrary
lstrcmpiW
GetModuleHandleW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedDecrement
InterlockedIncrement
lstrlenW
lstrcpyW
lstrcatW
SetLastError
CreateThread
WaitForSingleObject
Sleep
CloseHandle
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
GetVersionExW
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetEnvironmentStringsW
SetConsoleCtrlHandler
GetThreadLocale
GetUserDefaultLangID
GetSystemDirectoryW
SetProcessShutdownParameters
SetThreadPriority
SetErrorMode
SetThreadLocale
GenerateConsoleCtrlEvent
GetEnvironmentVariableA
ExitThread
CompareStringA
GetStringTypeA
LCMapStringA
HeapDestroy
GetStartupInfoA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetVersion
GetCommandLineA
SetCurrentDirectoryW
OpenEventW
SearchPathW
GetCurrentThread
InterlockedExchangeAdd
CreateFileA
lstrcmpA
CreateMutexA
GetVersionExA
CreateEventA
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
GetSystemInfo
IsBadStringPtrW
SetEndOfFile
GetSystemTime
VerifyVersionInfoW
SetFileTime
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetFileAttributesW
CopyFileW
GetWindowsDirectoryW
lstrcpynA
GetDiskFreeSpaceW
lstrcmpiA
OpenProcess
lstrcpyA
ExpandEnvironmentStringsW
GlobalFree
WritePrivateProfileStringW
GetPrivateProfileStringW

user32

GetDesktopWindow
GetClipboardOwner
GetThreadDesktop
GetCaretBlinkTime
DestroyWindow
GetKeyState
IsIconic
GetTopWindow
GetSysColor
GetListBoxInfo
IsWindowVisible
LoadStringW
MessageBoxA
CharNextW
CreateWindowExW
WindowFromPoint
WaitMessage
UpdateWindow
UnregisterClassW
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
TabbedTextOutW
SystemParametersInfoW
ShowWindow
ShowScrollBar
ShowOwnedPopups
ShowCaret
SetWindowRgn
SetWindowsHookExW
SetWindowTextW
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropW
SetParent
SetMenuItemInfoW
SetMenu
SetKeyboardState
SetForegroundWindow
SetFocus
SetCursorPos
SetCursor
SetClipboardData
SetClassLongW
SetCapture
SetActiveWindow
SendMessageA
SendMessageW
ScrollWindow
ScreenToClient
RemovePropW
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PtInRect
PostQuitMessage
PostMessageW
PeekMessageA
PeekMessageW
OpenClipboard
OffsetRect
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MessageBoxW
MessageBeep
MapWindowPoints
MapVirtualKeyW
LoadKeyboardLayoutW
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsZoomed
IsWindowUnicode
IsWindowEnabled
IsWindow
IsRectEmpty
IsDialogMessageA
IsDialogMessageW
IsChild
IsCharAlphaNumericW
IsCharAlphaW
InvalidateRect
IntersectRect
InsertMenuItemW
InsertMenuW
InflateRect
HideCaret
GetWindowThreadProcessId
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetUpdateRect
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetWindow
GetMessagePos
GetMessageExtraInfo
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyNameTextW
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDlgItem
GetDlgCtrlID
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardData
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowExW
FindWindowW
FillRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextExW
DrawTextW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageA
DispatchMessageW
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcW
DefMDIChildProcW
DefFrameProcW
CreatePopupMenu
CreateMenu
CreateIconIndirect
CreateIcon
CountClipboardFormats
CopyImage
CloseClipboard
ClientToScreen
ChildWindowFromPoint
CheckMenuItem
CharUpperBuffW
CharUpperW
CharLowerBuffW
CharLowerW
CallWindowProcW
CallNextHookEx
BeginPaint
AdjustWindowRectEx
ActivateKeyboardLayout
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromPoint
MonitorFromWindow

gdi32

GetTextAlign
GetDCPenColor
CloseMetaFile
CreateMetaFileA
FillPath
GetFontLanguageInfo
GetSystemPaletteUse
GetLayout

advapi32

RegOpenKeyA
RegQueryValueExA

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_controlfp

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d94756fe4f4bb107ffee5b31084e33e4

Code Sign

41:e3:33:b0:ce:cd:0d:40:bb:f1:e8:28:e5:de:39:bcCertificate

Extended Key Usages

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

d5:a0:1d:1a:22:29:1d:60:0a:ac:f9:39:c0:05:da:db:fb:41:48:40:77:96:28:97:88:39:39:a3:ff:fd:2c:3dSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 77KB - Virtual size: 77KB

.rsrc Size: 3KB - Virtual size: 2KB

41:e3:33:b0:ce:cd:0d:40:bb:f1:e8:28:e5:de:39:bc
Certificate

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

d5:a0:1d:1a:22:29:1d:60:0a:ac:f9:39:c0:05:da:db:fb:41:48:40:77:96:28:97:88:39:39:a3:ff:fd:2c:3d
Signer

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 3KB - Virtual size: 2KB