fdcdf4961ecf6bd6910d391144d91f1c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fdcdf4961ecf6bd6910d391144d91f1c_JaffaCakes118
Size

2.4MB
MD5

fdcdf4961ecf6bd6910d391144d91f1c
SHA1

bac8497dc1b15d1c0b1104533c0d270257422c63
SHA256

54065efbdbc9f1085f7b7af9b3a51dd99100d253eba9e14035b72b5f074c045e
SHA512

a6423980776f7320a19ce8bd673225690af86cfa1284c5e68fac6b7b514f1d7261af224cc36b671f7c780416bb860d80f1e6afec81890ddbe109df5902d9760f
SSDEEP

24576:wlxKKE/JRpD5gmxXV5YgcirByuVzJLITdjgI2uZeQieckF4eKhxV8Z:wjKKE/Jb7XV5YEyCtwjRBZeePF4bhxi

Score

1^/10

Malware Config

Signatures

Files

fdcdf4961ecf6bd6910d391144d91f1c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3891929c64c25130938db27dd8b3ad70

Code Sign

02:a4:9b:aa:d8:19:48:bb:40:11:24:ae:b2:ca:8a:4f
Certificate

Issuer

CN=TLATBDHF

Not Before

18/02/2019, 15:31

Not After

31/12/2039, 23:59

Subject

CN=TLATBDHF

Extended Key Usages

ExtKeyUsageCodeSigning

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31/12/2015, 00:00

Not After

09/07/2019, 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

d2:31:50:c4:7b:73:56:c0:ad:4b:e2:e0:4f:31:7b:7e:7f:0f:07:d4
Signer

Actual PE Digest

d2:31:50:c4:7b:73:56:c0:ad:4b:e2:e0:4f:31:7b:7e:7f:0f:07:d4

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringW
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
lstrcpyW
WriteProcessMemory
WritePrivateProfileStringW
WinExec
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualProtect
TerminateProcess
SwitchToThread
SizeofResource
SignalObjectAndWait
SetThreadLocale
SetLastError
SetFilePointer
SetFileAttributesW
SetEvent
SetErrorMode
SetEndOfFile
SearchPathW
ResumeThread
ResetEvent
ReadFile
OutputDebugStringW
OpenProcess
MulDiv
LockResource
LocalFree
LoadResource
LoadLibraryW
LeaveCriticalSection
IsValidLocale
IsBadReadPtr
InitializeCriticalSection
HeapDestroy
HeapCreate
GlobalFindAtomW
GlobalDeleteAtom
GlobalAddAtomW
GetWindowsDirectoryW
GetVersionExW
GetTickCount
GetTempPathW
GetTempFileNameW
GetPrivateProfileStringW
GetLocalTime
GetLastError
GetFullPathNameW
GetFileAttributesW
GetExitCodeThread
GetEnvironmentVariableW
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCPInfo
FreeResource
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
FormatMessageW
FlushInstructionCache
FindResourceW
FindNextFileW
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumCalendarInfoA
EnterCriticalSection
DeleteFileW
DeleteCriticalSection
CreateProcessW
CreateFileW
CreateEventW
CreateDirectoryW
CompareStringA
VirtualAllocEx
LoadLibraryA
GetModuleHandleA

user32

DestroyMenu
ShowWindow
SetWindowTextW
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMessageW
TranslateMessage
GetActiveWindow
ValidateRect
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
SetWindowsHookExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
GetForegroundWindow
DispatchMessageW
GetSubMenu
GetMenuItemCount
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic

gdi32

TextOutW
GetStockObject
CreateBitmap
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
RectVisible
PtVisible
DeleteObject
GetClipBox
SetMapMode
SetTextColor
GetDeviceCaps
SaveDC
RestoreDC
SetBkColor
ExtTextOutW

advapi32

RegQueryValueExW

shlwapi

PathFindFileNameW
PathFindExtensionW

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3891929c64c25130938db27dd8b3ad70

Code Sign

02:a4:9b:aa:d8:19:48:bb:40:11:24:ae:b2:ca:8a:4fCertificate

Extended Key Usages

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0bCertificate

Extended Key Usages

Key Usages

d2:31:50:c4:7b:73:56:c0:ad:4b:e2:e0:4f:31:7b:7e:7f:0f:07:d4Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 1024B - Virtual size: 1000B

.data Size: 19KB - Virtual size: 1.6MB

02:a4:9b:aa:d8:19:48:bb:40:11:24:ae:b2:ca:8a:4f
Certificate

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

d2:31:50:c4:7b:73:56:c0:ad:4b:e2:e0:4f:31:7b:7e:7f:0f:07:d4
Signer

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 1024B - Virtual size: 1000B

.data
Size: 19KB - Virtual size: 1.6MB