f556e16ab3b138a427d52c5dd8f20838_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f556e16ab3b138a427d52c5dd8f20838_JaffaCakes118
Size

126KB
MD5

f556e16ab3b138a427d52c5dd8f20838
SHA1

b521d50ee90768081eaf69fb212ef175ee9a9a2d
SHA256

6aa060af324d16951f1000111710ebc6293fee131aec1891b8b2d1b6713d1365
SHA512

121f2532845db169e03cb513c9245a2331ab75a59399b1352820e287681530419a3353c43478c0dfdf145b508d6219c3368a7e1f097912ceb71c3f2c6f399138
SSDEEP

3072:d/yHfMPKXed77o6Q/dEVQIOILEsMAl+JZA3+Uv:d6exXKhI6At

Score

1^/10

Malware Config

Signatures

Files

f556e16ab3b138a427d52c5dd8f20838_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e12137480edf270321cfc574ca701e88

Code Sign

16:8d:c0:0e:66:74:59:62:b8:5b:34:5d:bb:1c:c8:e4
Certificate

Issuer

CN=ZMTBGNWHYQLPIPIIMB

Not Before

12-04-2019 12:35

Not After

31-12-2039 23:59

Subject

CN=ZMTBGNWHYQLPIPIIMB

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

a2:11:7d:c2:3c:4c:a7:42:39:3d:17:20:af:20:b5:00:69:61:69:83:42:2d:3e:15:1e:f8:e8:b9:51:f0:a8:43
Signer

Actual PE Digest

a2:11:7d:c2:3c:4c:a7:42:39:3d:17:20:af:20:b5:00:69:61:69:83:42:2d:3e:15:1e:f8:e8:b9:51:f0:a8:43

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
DeleteFileA
EnterCriticalSection
ExitProcess
FormatMessageA
FormatMessageW
GetComputerNameW
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcessHeap
GetStartupInfoA
GetThreadLocale
GetVersionExA
GetVersionExW
GetWindowsDirectoryA
GetWindowsDirectoryW
HeapAlloc
HeapFree
HeapReAlloc
InitializeCriticalSection
InterlockedExchange
InterlockedIncrement
CreateProcessW
LocalAlloc
LocalFree
MoveFileExW
MultiByteToWideChar
OutputDebugStringW
RaiseException
ReleaseMutex
SetEvent
SetFileAttributesA
SetFilePointer
SetLastError
SetThreadExecutionState
SetThreadLocale
Sleep
WaitForMultipleObjects
WideCharToMultiByte
WriteFile
lstrcmpW
lstrcpyA
lstrlenA
GetProcAddress
LoadLibraryW
VirtualAllocEx
CreateMutexA
CreateFileA
CreateEventA
LeaveCriticalSection
CloseHandle

user32

CharLowerA
CharLowerBuffA
CharToOemBuffA
ClientToScreen
CopyRect
CreateDialogIndirectParamA
CreateDialogParamA
CreatePopupMenu
CreateWindowExA
CreateWindowStationA
DdeCmpStringHandles
DdeFreeStringHandle
DdeQueryStringA
DefDlgProcA
DefFrameProcA
DefWindowProcA
DefWindowProcW
DestroyIcon
DestroyMenu
DestroyWindow
DialogBoxParamA
DispatchMessageA
DrawIconEx
DrawStateW
DrawTextA
DrawTextExW
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndMenu
EndPaint
EnumChildWindows
EnumDesktopsA
EnumDesktopsW
EnumDisplayDevicesA
ChangeMenuW
EnumDisplaySettingsA
EnumPropsExA
EnumPropsW
EnumThreadWindows
EnumWindows
ExitWindowsEx
FindWindowA
GetClassLongA
GetClassNameA
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetForegroundWindow
GetIconInfo
GetKeyboardLayoutNameW
GetMenuItemInfoA
GetMessageA
GetMessageTime
GetMonitorInfoA
GetNextDlgTabItem
GetSysColor
GetSystemMetrics
GetWindowInfo
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
InternalGetWindowText
InvalidateRect
IsCharUpperW
IsWindow
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
LoadMenuW
MessageBoxA
MonitorFromPoint
OffsetRect
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RegisterClassA
RegisterClassExA
RegisterHotKey
RegisterWindowMessageA
ReleaseDC
RemovePropW
ScreenToClient
SendMessageA
SendMessageTimeoutW
SetClassLongW
SetClassWord
SetCursorPos
SetDlgItemInt
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetMenuItemInfoW
SetRect
SetSystemCursor
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
SetWindowsHookExA
ShowWindow
SystemParametersInfoA
TabbedTextOutA
TileChildWindows
TrackPopupMenuEx
TranslateAcceleratorA
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterHotKey
UpdateWindow
ValidateRect
ValidateRgn
WaitForInputIdle
wsprintfA
LoadIconW
ChangeDisplaySettingsExA
BeginPaint
AttachThreadInput
AppendMenuA
EnumDisplayMonitors

advapi32

RegOpenKeyExW
RegQueryValueExW
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e12137480edf270321cfc574ca701e88

Code Sign

16:8d:c0:0e:66:74:59:62:b8:5b:34:5d:bb:1c:c8:e4Certificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

a2:11:7d:c2:3c:4c:a7:42:39:3d:17:20:af:20:b5:00:69:61:69:83:42:2d:3e:15:1e:f8:e8:b9:51:f0:a8:43Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 568B

.rsrc Size: 43KB - Virtual size: 43KB

16:8d:c0:0e:66:74:59:62:b8:5b:34:5d:bb:1c:c8:e4
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

a2:11:7d:c2:3c:4c:a7:42:39:3d:17:20:af:20:b5:00:69:61:69:83:42:2d:3e:15:1e:f8:e8:b9:51:f0:a8:43
Signer

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 568B

.rsrc
Size: 43KB - Virtual size: 43KB