fd0b4efe88e1a7c933b5fcd5a0cd4de8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fd0b4efe88e1a7c933b5fcd5a0cd4de8_JaffaCakes118
Size

3.7MB
MD5

fd0b4efe88e1a7c933b5fcd5a0cd4de8
SHA1

ce522abb8e3a6dd4d80d62c7191720510c0e0b54
SHA256

23bb6ab0482e415c72da97db851f63571d528caddb76a39b23d64cf235f264fb
SHA512

23c351f1d7405934ad7fb84e9d89293a732b761243087dd30c2785bcabcfb99b29e02068a69c9107fad5e11c69eb6de26325c4c26fba4bf1af1805db20de74e2
SSDEEP

49152:jOz+amUhE5JK+LWbSnfdsuMImVxAmit3OiWh/Bgd:jOMaKFbMZm3jd

Score

1^/10

Malware Config

Signatures

Files

fd0b4efe88e1a7c933b5fcd5a0cd4de8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3e64fd0319723fd19004714f35839cfe

Code Sign

f9:5a:c3:33:92:10:d0:c3:32:e1:70:48:9e:df:60:15
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2016, 00:00

Not After

09/05/2017, 23:59

Subject

CN=A Develop\, TOV,OU=IT,O=A Develop\, TOV,POSTALCODE=65088,STREET=Dor. Lyustdorfska\, 92/94,L=Odesa,ST=Odeska,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19/01/2010, 00:00

Not After

18/01/2038, 23:59

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0f:28:20:7d:f2:12:19:77:ac:9c:ac:4a:3e:72:9c:23:8e:11:19:67
Signer

Actual PE Digest

0f:28:20:7d:f2:12:19:77:ac:9c:ac:4a:3e:72:9c:23:8e:11:19:67

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
GetNumberFormatA
GetNumberFormatW
SetThreadLocale
GetUserDefaultUILanguage
GetUserDefaultLangID
GetSystemDefaultLCID
FoldStringA
GetConsoleMode
GetConsoleScreenBufferInfo
SetConsoleCtrlHandler
WriteConsoleA
GetConsoleCP
CloseHandle
WriteConsoleW
SetFilePointerEx
FlushFileBuffers
LCMapStringW
HeapSize
GetStringTypeW
HeapReAlloc
HeapAlloc
RtlUnwind
LoadLibraryExW
IsDebuggerPresent
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
HeapFree
ExpandEnvironmentStringsA
EnterCriticalSection
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TerminateProcess
GetCurrentProcess
Sleep
GetLocaleInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameW
WriteFile
GetModuleFileNameA
DeleteCriticalSection
GetFileType
GetStdHandle
GetProcessHeap
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
GetModuleHandleExW
ExitProcess
DecodePointer
EncodePointer
GetCurrentThreadId
SetLastError
GetLastError
GetCommandLineA
SetEnvironmentVariableW
GetStartupInfoW
CreateProcessA
OpenWaitableTimerW
CreateWaitableTimerW
CreateSemaphoreA
OpenEventA
CreateEventA
CreateMutexW
CreateMutexA
TlsAlloc
lstrcpyA
lstrcpynW
lstrcpynA
lstrcmpW
MapViewOfFile
SetSystemTimeAdjustment
DosDateTimeToFileTime
FileTimeToDosDateTime
CompareFileTime
FileTimeToLocalFileTime
SystemTimeToTzSpecificLocalTime
IsProcessorFeaturePresent
GetLocalTime
GetSystemTime
CreateFileW
GetLocaleInfoA
LCMapStringA
CompareStringA
IsDBCSLeadByte
ProcessIdToSessionId
GetVolumePathNameW
GetVolumePathNameA
QueryPerformanceFrequency
DeleteTimerQueueTimer
QueueUserWorkItem
RegisterWaitForSingleObject
SetComputerNameExA
IsBadCodePtr
IsBadWritePtr
GetVolumeInformationA
GetNamedPipeHandleStateA
MoveFileW
CopyFileW
CopyFileA
SearchPathW
SearchPathA
FindNextFileW
FindFirstFileW
FindFirstFileA
FindFirstFileExA
DeleteFileA
GetFileAttributesA
SetFileAttributesW
QueryDosDeviceW
GetFullPathNameW
GetDiskFreeSpaceW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetWindowsDirectoryW
GetTempFileNameW
GetTempFileNameA
GetTempPathW
GetTempPathA
GetSystemDirectoryA
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileStringA
FindResourceExW
FindResourceW
FindResourceA
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
ExpandEnvironmentStringsW
MulDiv
GetHandleInformation
SetStdHandle
UnlockFile
WaitForMultipleObjects
ReleaseMutex
ReleaseSemaphore
DebugBreak
SuspendThread
GetThreadContext
SetErrorMode
GetExitCodeThread
TerminateThread
SetThreadPriority
SetThreadIdealProcessor
SwitchToThread
FreeEnvironmentStringsW
GetExitCodeProcess
GetProcessAffinityMask
GetLongPathNameW
GetShortPathNameW
HeapValidate
VirtualAlloc
GlobalHandle
GlobalSize
LeaveCriticalSection
FreeLibraryAndExitThread

user32

GetTopWindow
GetClassNameA
EnumThreadWindows
FindWindowExW
FindWindowW
SetParent
GetParent
GetDesktopWindow
SetClassLongW
SetWindowLongW
GetWindowLongW
GetWindowLongA
EqualRect
GetLastActivePopup
UnhookWindowsHookEx
CallNextHookEx
LoadBitmapA
LoadCursorA
LoadCursorW
LoadIconA
GetKeyboardLayout
OpenDesktopW
OpenWindowStationW
SetProcessWindowStation
DrawEdge
DrawFrameControl
SendMessageTimeoutW
PostThreadMessageA
AttachThreadInput
DefWindowProcW
CallWindowProcW
RegisterClassA
GetClassInfoA
RegisterClassExA
CreateWindowExW
IsWindow
ShowWindow
MoveWindow
SetWindowPos
DeferWindowPos
IsWindowVisible
IsIconic
BringWindowToTop
CreateDialogParamW
EndDialog
SetDlgItemTextW
LoadIconW
GetIconInfo
LoadStringW
IsDialogMessageA
IsDialogMessageW
IsRectEmpty
UnionRect
GetSysColorBrush
ChildWindowFromPoint
MapWindowPoints
ScreenToClient
MessageBeep
MessageBoxA
GetWindowRect
GetWindowTextW
RemovePropA
SetPropW
SetPropA
SetScrollPos
InvalidateRgn
GetUpdateRect
EndPaint
WindowFromDC
GetForegroundWindow
DrawTextA
DrawIcon
SetMenuDefaultItem
RemoveMenu
GetMenuItemCount
CheckMenuItem
TranslateAcceleratorW
SetTimer
MsgWaitForMultipleObjectsEx
ReleaseCapture
SetCapture
MapVirtualKeyW
GetAsyncKeyState
CharNextA
CharLowerA
CharUpperBuffW
GetNextDlgTabItem
SendDlgItemMessageA
IsDlgButtonChecked

comctl32

FlatSB_SetScrollProp
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
_TrackMouseEvent
CreateStatusWindowW
CreateToolbarEx
ImageList_GetImageInfo
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Copy
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_GetIcon
ImageList_Remove
ImageList_DrawIndirect
ImageList_DrawEx
ImageList_AddMasked
ImageList_Replace
ImageList_Draw
ImageList_SetOverlayImage
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControlsEx
ord17
PropertySheetW
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageW
CreatePropertySheetPageA
InitializeFlatSB

advapi32

RegEnumValueA
RegEnumKeyA
RegDeleteValueW
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW
CreateProcessAsUserW
SetFileSecurityW
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
GetSecurityDescriptorControl
IsValidSecurityDescriptor
AddAccessAllowedAce
GetAce
AddAce
CopySid
GetSidSubAuthority
FreeSid
IsValidSid
CreateWellKnownSid
OpenThreadToken
OpenProcessToken
ReportEventW
DeregisterEventSource
RegOpenKeyA
RegOpenKeyW
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueW
RegQueryValueExA
RegSetKeySecurity
RegSetValueExW
CryptReleaseContext
CryptGenRandom
CryptHashData
CryptDestroyHash
CloseServiceHandle
ControlService
OpenSCManagerA
OpenSCManagerW
OpenServiceA
QueryServiceConfigW
QueryServiceStatus
SetServiceStatus
StartServiceW
LsaFreeMemory
LsaOpenPolicy
LsaQueryInformationPolicy
RegEnumKeyExW

shell32

SHBindToParent
SHGetDesktopFolder
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteW

ole32

OleConvertOLESTREAMToIStorageEx
GetConvertStg
OleLockRunning
OleIsRunning
OleFlushClipboard
OleLoad
OleCreate
OleUninitialize
WriteFmtUserTypeStg
ReadClassStg
StgConvertVariantToProperty
HWND_UserSize
GetRunningObjectTable
CreateBindCtx
CreateDataCache
CoFileTimeNow
CoDosDateTimeToFileTime
CoCancelCall
CoSetProxyBlanket
CoGetMarshalSizeMax
CoReleaseServerProcess
CoRevokeClassObject
CoGetCallerTID
HICON_UserUnmarshal
HDC_UserUnmarshal

oleaut32

VariantChangeType
VariantCopy
VariantInit
SysReAllocStringLen

Sections

.text
Size: 274KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.5MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.scets
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.he08
Size: 453KB - Virtual size: 453KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.p2ve
Size: 219KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e64fd0319723fd19004714f35839cfe

Code Sign

f9:5a:c3:33:92:10:d0:c3:32:e1:70:48:9e:df:60:15Certificate

Extended Key Usages

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9dCertificate

Key Usages

0f:28:20:7d:f2:12:19:77:ac:9c:ac:4a:3e:72:9c:23:8e:11:19:67Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 274KB - Virtual size: 274KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 1.5MB - Virtual size: 2.4MB

.scets Size: 1.1MB - Virtual size: 1.1MB

.he08 Size: 453KB - Virtual size: 453KB

.p2ve Size: 219KB - Virtual size: 219KB

.rsrc Size: 25KB - Virtual size: 25KB

f9:5a:c3:33:92:10:d0:c3:32:e1:70:48:9e:df:60:15
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

0f:28:20:7d:f2:12:19:77:ac:9c:ac:4a:3e:72:9c:23:8e:11:19:67
Signer

.text
Size: 274KB - Virtual size: 274KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 1.5MB - Virtual size: 2.4MB

.scets
Size: 1.1MB - Virtual size: 1.1MB

.he08
Size: 453KB - Virtual size: 453KB

.p2ve
Size: 219KB - Virtual size: 219KB

.rsrc
Size: 25KB - Virtual size: 25KB