fc248587dcf3b7081de22cf0894f04b2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fc248587dcf3b7081de22cf0894f04b2_JaffaCakes118
Size

283KB
MD5

fc248587dcf3b7081de22cf0894f04b2
SHA1

0947a11581923ee475449fc5355fc6c050cceb12
SHA256

c309f2461df952c30b70ec743d482b6904ce19ed9aa25b480688337b137328b1
SHA512

2428a5299841a3a5581eacaadc0afeed45a47f5ee87650e8864010b2a3a482a4a6533bccd4783ca1d4f91f2778b68aa8f0be3a98c8cd1ec92f5d0f1d2a22c293
SSDEEP

3072:U9Nb2lLlUiyeg/MbyqgwcqaNv3+UrfllhMVP3pjC4QFSEgN5s6oH4sqYa7m7/KKC:U9wDUi91gwOV31TtMTC2oH5a7pfh

Score

1^/10

Malware Config

Signatures

Files

fc248587dcf3b7081de22cf0894f04b2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7b99f037cdb4bb13379957a69944653c

Code Sign

37:da:d8:bf:48:0a:1a:ab:46:a2:7c:c0:87:59:42:4a
Certificate

Issuer

CN=OHXQPIHE

Not Before

08/03/2019, 11:38

Not After

31/12/2039, 23:59

Subject

CN=OHXQPIHE

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31/12/2015, 00:00

Not After

09/07/2019, 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

eb:63:3f:fd:66:bb:40:64:09:48:e2:22:5c:0a:d4:ba:31:9c:ad:ab:74:7e:73:c7:cc:16:df:21:58:9f:25:ab
Signer

Actual PE Digest

eb:63:3f:fd:66:bb:40:64:09:48:e2:22:5c:0a:d4:ba:31:9c:ad:ab:74:7e:73:c7:cc:16:df:21:58:9f:25:ab

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetVersion
GetVersionExA
GetWindowsDirectoryW
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitAtomTable
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
LocalLock
LocalUnlock
LockFile
LockResource
MultiByteToWideChar
OpenFileMappingA
OutputDebugStringA
PeekNamedPipe
Process32FirstW
QueryDosDeviceW
QueryPerformanceCounter
GetSystemTime
RaiseException
ReleaseSemaphore
RemoveDirectoryA
RtlUnwind
SetCalendarInfoA
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetPriorityClass
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WriteProfileSectionA
_llseek
lstrcmpiW
lstrcpyW
lstrlenW
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProcessHeap
GetProcAddress
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetFileType
GetEnvironmentStringsW
GetEnvironmentStrings
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCurrentDirectoryA
GetConsoleOutputCP
GetConsoleMode
GetConsoleCursorInfo
GetConsoleCP
GetCommandLineW
GetCommandLineA
GetCPInfo
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushViewOfFile
FlushFileBuffers
FindResourceW
FillConsoleOutputCharacterW
FatalAppExitW
ExpandEnvironmentStringsW
ExitThread
ExitProcess
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateTimerQueueTimer
CreateThread
CreateFileA
CreateDirectoryW
CreateDirectoryA
ConvertThreadToFiber
CompareFileTime
QueryPerformanceFrequency
CloseHandle

user32

EnumDisplayMonitors
EqualRect
FillRect
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassInfoExW
GetClassInfoW
GetClassLongW
GetClassNameW
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetDlgItemTextW
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyNameTextW
GetKeyState
GetKeyboardLayout
GetKeyboardState
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
EndPaint
GetMenuItemRect
GetMenuState
GetMenuStringW
GetMessageA
GetMessagePos
GetMessageTime
GetMessageW
GetMonitorInfoW
GetNextDlgGroupItem
GetNextDlgTabItem
GetParent
GetPropW
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetUpdateRect
GetWindow
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
GrayStringW
HideCaret
InflateRect
InsertMenuItemW
InsertMenuW
IntersectRect
InvalidateRect
InvertRect
IsCharLowerW
IsChild
IsClipboardFormatAvailable
IsDialogMessageA
IsDialogMessageW
IsIconic
IsMenu
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsW
LoadBitmapW
LoadCursorW
LoadIconW
LoadImageW
LoadMenuW
LoadStringW
LockWindowUpdate
MapDialogRect
MapVirtualKeyExW
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxW
ModifyMenuW
MonitorFromPoint
MonitorFromWindow
MoveWindow
NotifyWinEvent
OffsetRect
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RealChildWindowFromPoint
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ReuseDDElParam
ScreenToClient
ScrollWindow
SendDlgItemMessageA
SendDlgItemMessageW
SendMessageW
SetActiveWindow
SetCapture
SetClassLongW
SetClipboardData
SetCursor
SetCursorPos
SetDlgItemInt
SetDlgItemTextA
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetMenu
SetMenuDefaultItem
SetMenuItemBitmaps
SetParent
SetPropW
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextA
SetWindowTextW
SetWindowsHookExW
ShowOwnedPopups
ShowScrollBar
ShowWindow
SubtractRect
SystemParametersInfoW
TabbedTextOutW
ToUnicodeEx
TrackPopupMenu
TranslateAcceleratorW
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnpackDDElParam
UnregisterClassW
UpdateLayeredWindow
UpdateWindow
ValidateRect
WaitMessage
WinHelpW
WindowFromPoint
wsprintfW
GetQueueStatus
ShowCaret
GetThreadDesktop
EndDialog
EndDeferWindowPos
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextExW
DrawStateW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DialogBoxParamW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DestroyAcceleratorTable
DeleteMenu
DeferWindowPos
DefWindowProcW
DefMDIChildProcW
DefFrameProcW
CreateWindowExW
CreatePopupMenu
CreateMenu
CreateDialogParamA
CreateDialogIndirectParamW
CreateAcceleratorTableW
CopyRect
CopyImage
CopyIcon
CopyAcceleratorTableW
CloseClipboard
ClientToScreen
CheckMenuItem
CheckDlgButton
CharUpperW
CharUpperBuffW
CallWindowProcW
CallNextHookEx
BringWindowToTop
BeginPaint
BeginDeferWindowPos
AppendMenuW
AdjustWindowRectEx
GetMenuItemInfoW

gdi32

EngQueryLocalTime
GdiDeleteSpoolFileHandle
GdiGetPageCount
GdiGetSpoolMessage
GdiIsPlayMetafileDC
GdiSetLastError
GetBkColor
GetCharWidth32W
GetCharWidthI
GetDCOrgEx
GetDeviceGammaRamp
GetGlyphIndicesW
GetKerningPairs
GetKerningPairsA
GetMetaFileBitsEx
EngFindResource
GetTextAlign
GetTransform
GetWorldTransform
MoveToEx
PlayEnhMetaFileRecord
SelectObject
SetBoundsRect
SetDIBitsToDevice
SetPixel
StretchDIBits
XFORMOBJ_iGetXform
CreateHalftonePalette
DeleteObject
CreateSolidBrush
AbortDoc
DeleteDC
CreatePen
CreateMetaFileW
CreateEnhMetaFileW
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
BitBlt

advapi32

RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExW
RegCloseKey
RegOpenKeyA

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b99f037cdb4bb13379957a69944653c

Code Sign

37:da:d8:bf:48:0a:1a:ab:46:a2:7c:c0:87:59:42:4aCertificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

eb:63:3f:fd:66:bb:40:64:09:48:e2:22:5c:0a:d4:ba:31:9c:ad:ab:74:7e:73:c7:cc:16:df:21:58:9f:25:abSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

imm32

Sections

.text Size: 154KB - Virtual size: 154KB

.rdata Size: 63KB - Virtual size: 62KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 58KB - Virtual size: 58KB

37:da:d8:bf:48:0a:1a:ab:46:a2:7c:c0:87:59:42:4a
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

eb:63:3f:fd:66:bb:40:64:09:48:e2:22:5c:0a:d4:ba:31:9c:ad:ab:74:7e:73:c7:cc:16:df:21:58:9f:25:ab
Signer

.text
Size: 154KB - Virtual size: 154KB

.rdata
Size: 63KB - Virtual size: 62KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 58KB - Virtual size: 58KB