f7e919d09b74ffcc793dd5b7f94df868_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f7e919d09b74ffcc793dd5b7f94df868_JaffaCakes118
Size

118KB
MD5

f7e919d09b74ffcc793dd5b7f94df868
SHA1

d17c47ae27371276b62bddd423aab9135c719efc
SHA256

742d051f809b882ca73390fca6da0e94b62928264e57b7088dfe11863532e3ea
SHA512

5493ca58066552b5a2721badee66b6cd335441629d12829e5bc0408a0d4a8aaab87908489b936e06390e49aef5b75c0bd95d542d09be16aacd58a029a2160443
SSDEEP

1536:wHMQNHRoajvvFOQb/bevSVCyBT82KpIqxomw1pbI1DeAOMufsOrKqMFCvJgZP1ao:YAa4QbTDRBT82Kpzk0v7yfrKqEPgWrZ

Score

1^/10

Malware Config

Signatures

Files

f7e919d09b74ffcc793dd5b7f94df868_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2f921d50da5bf815dcf266aa08e64d08

Code Sign

40:29:da:cc:bc:95:17:84:46:72:c7:37:2a:72:63:28
Certificate

Issuer

CN=SYAYHQPQSSMOVZVIQJ

Not Before

31/05/2019, 07:51

Not After

31/12/2039, 23:59

Subject

CN=SYAYHQPQSSMOVZVIQJ

Extended Key Usages

ExtKeyUsageCodeSigning

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

74:65:ab:52:5b:ff:97:d6:07:96:77:16:8c:e9:c4:43:b6:f1:29:d0
Signer

Actual PE Digest

74:65:ab:52:5b:ff:97:d6:07:96:77:16:8c:e9:c4:43:b6:f1:29:d0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetStartupInfoA
GetSystemDefaultLangID
GetSystemDirectoryW
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTempPathW
GetTickCount
GetVersion
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByte
IsDebuggerPresent
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
FreeConsole
GetProcAddress
MoveFileWithProgressA
MulDiv
MultiByteToWideChar
Process32First
QueryPerformanceCounter
RaiseException
ReadConsoleOutputCharacterW
ReadFile
SetCommState
SetErrorMode
SetFilePointer
SetProcessWorkingSetSize
SetUnhandledExceptionFilter
SetWaitableTimer
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
UnhandledExceptionFilter
UnregisterWait
VirtualProtect
WideCharToMultiByte
WriteConsoleOutputW
WriteFile
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcpyW
lstrlenA
lstrlenW
VirtualAllocEx
FormatMessageA
FlushViewOfFile
GetPrivateProfileIntA
GetPriorityClass
GetOEMCP
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFileTime
GetFileSize
GetFileAttributesA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryA
GetCurrencyFormatA
GetCPInfo
GetConsoleScreenBufferInfo
GetACP
FreeResource
FreeLibraryAndExitThread
LockResource
FreeLibrary
FindResourceW
FindResourceA
FindNextFileA
FindFirstFileW
FindFirstFileA
FindClose
FillConsoleOutputCharacterW
FileTimeToSystemTime
ExpandEnvironmentStringsW
EnumSystemCodePagesW
EnumResourceLanguagesA
EnumDateFormatsExW
DisableThreadLibraryCalls
DeleteFileA
CreateProcessA
CreateFileW
CreateFileA
CloseHandle
CancelWaitableTimer
LocalUnlock
CancelIo

user32

ExitWindowsEx

gdi32

bMakePathNameW
SetBrushOrgEx
RemoveFontResourceExW
RectVisible
GetGlyphOutlineWow
GetCurrentPositionEx
GetCharWidthFloatA
GetCharWidth32A
GdiSetPixelFormat
GdiEntry6
GdiDescribePixelFormat
GdiDeleteSpoolFileHandle
GdiAlphaBlend
FONTOBJ_pfdg
EnumMetaFile
EnumICMProfilesA
DeviceCapabilitiesExA
CreateColorSpaceA
CheckColorsInGamut
GetTextAlign

comdlg32

GetOpenFileNameA
CommDlgExtendedError
ChooseFontA
GetSaveFileNameA

advapi32

RegOpenKeyA
StartServiceCtrlDispatcherW
SetServiceStatus
ReportEventW
RegisterServiceCtrlHandlerW
RegisterEventSourceW
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegEnumValueA
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges

ole32

CoInitialize
CoCreateInstance
CoUninitialize

shlwapi

wnsprintfA

comctl32

PropertySheetA

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f921d50da5bf815dcf266aa08e64d08

Code Sign

40:29:da:cc:bc:95:17:84:46:72:c7:37:2a:72:63:28Certificate

Extended Key Usages

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19Certificate

Extended Key Usages

Key Usages

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49Certificate

Extended Key Usages

Key Usages

74:65:ab:52:5b:ff:97:d6:07:96:77:16:8c:e9:c4:43:b6:f1:29:d0Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

shlwapi

comctl32

Sections

.text Size: 70KB - Virtual size: 69KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 892B

.rsrc Size: 36KB - Virtual size: 36KB

40:29:da:cc:bc:95:17:84:46:72:c7:37:2a:72:63:28
Certificate

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

74:65:ab:52:5b:ff:97:d6:07:96:77:16:8c:e9:c4:43:b6:f1:29:d0
Signer

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 892B

.rsrc
Size: 36KB - Virtual size: 36KB