8d29fb0a31dd91d5904f0855f79924e7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8d29fb0a31dd91d5904f0855f79924e7_JaffaCakes118
Size

1.0MB
MD5

8d29fb0a31dd91d5904f0855f79924e7
SHA1

28ecd0a291bf81f5a13251c2e572b74c818e969c
SHA256

6b95e3fb9257219ece17e86b32be6e15d0173fdc5aa11111057c8b2714cb0c54
SHA512

13083d4838f435e370defb79e033fc8e9abcf364081453a01230043359477893d0283821dad73389134b9e3eff0b7501429d33b71d3e72c90d9e3dae086430ce
SSDEEP

24576:YcinBv073hiuK+BP9lbifbKw1oYJkdV4KrU:Ycm0jsuKWlmOrYJIV45

Score

1^/10

Malware Config

Signatures

Files

8d29fb0a31dd91d5904f0855f79924e7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cb1d33d20528549d4b179bab24de35b3

Code Sign

79:6c:68:b7:90:b0:80:b9:46:72:a7:82:8f:58:9f:d3
Certificate

Issuer

CN=EBFOEJPN

Not Before

20-11-2018 11:28

Not After

31-12-2039 23:59

Subject

CN=EBFOEJPN

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

0d:ed:a1:cb:4d:a2:29:28:65:d2:51:bb:cf:6a:58:11:9e:26:0d:5c:d2:68:59:88:c1:c5:f7:10:c5:96:a4:21
Signer

Actual PE Digest

0d:ed:a1:cb:4d:a2:29:28:65:d2:51:bb:cf:6a:58:11:9e:26:0d:5c:d2:68:59:88:c1:c5:f7:10:c5:96:a4:21

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryExW
LoadLibraryW
LocalFree
MulDiv
MultiByteToWideChar
OutputDebugStringW
QueryPerformanceCounter
GetVersionExW
RtlUnwind
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WideCharToMultiByte
WriteConsoleW
WriteFile
lstrcmpiA
lstrcpy
lstrlenW
GetSystemTimeAsFileTime
GetSystemDirectoryW
GetStringTypeW
GetStdHandle
GetStartupInfoW
GetProcessHeap
GetOEMCP
GetModuleHandleW
GetModuleHandleExW
GetModuleFileNameW
GetLastError
GetFileType
GetEnvironmentStringsW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetConsoleMode
GetConsoleCP
GetCommandLineW
GetCPInfo
GetACP
FreeEnvironmentStringsW
FlushFileBuffers
ExitProcess
EnterCriticalSection
EncodePointer
DeleteCriticalSection
DecodePointer
GetProcAddress
CreateFileW
CloseHandle
VirtualAllocEx
GetModuleHandleA
LoadLibraryA
RaiseException

user32

GetClassWord
GetClipboardFormatNameW
GetCursorInfo
GetDCEx
GetMenuStringW
GetMessageExtraInfo
GetScrollInfo
IsCharUpperW
IsDialogMessageW
IsHungAppWindow
LoadAcceleratorsW
LoadBitmapW
LoadStringW
MapVirtualKeyExW
OemToCharA
PackDDElParam
PtInRect
RealGetWindowClass
RegisterDeviceNotificationA
SendMessageW
SendNotifyMessageW
SetDlgItemTextA
SetUserObjectSecurity
SetWindowTextW
TrackPopupMenu
UnloadKeyboardLayout
UserHandleGrantAccess
CreateIconFromResourceEx
CharUpperBuffA
GetClassNameA
LoadCursorFromFileA
GetThreadDesktop
IsCharAlphaW
GetForegroundWindow
GetDlgCtrlID
EndMenu
GetKeyState
OemKeyScan
ReleaseCapture
GetClipboardOwner
CloseDesktop
GetProcessWindowStation
ShowCaret
OpenIcon
CharLowerW
GetDoubleClickTime
LoadIconA
CreatePopupMenu
WindowFromDC
CharNextA
GetWindowTextLengthA
CopyIcon
CloseClipboard
IsWindowVisible
IsCharUpperA
GetMenuContextHelpId
GetKeyboardType
GetCaretBlinkTime
GetListBoxInfo
GetMessageTime
GetAltTabInfoW
GetAltTabInfo
FlashWindowEx
ExitWindowsEx
EnumPropsExA
EnumDisplaySettingsA
EnumDisplayMonitors
IsWindowEnabled
EnumDesktopsA
EndDeferWindowPos
DrawStateW
DrawStateA
DdeQueryStringW
CharLowerBuffA
CreateWindowExA
GetMenuCheckMarkDimensions

gdi32

GetFontLanguageInfo
GetSystemPaletteUse
GetGraphicsMode
SaveDC
GetBkColor
EndPath
GetDCBrushColor
CreateHalftonePalette
GetColorSpace
FlattenPath
GetStretchBltMode
PathToRegion
GetPolyFillMode
DeleteColorSpace
TranslateCharsetInfo
WidenPath
EndPage
DeleteDC
GetMapMode
AddFontResourceW
SetMetaRgn
GetLayout
GetBkMode
DeleteEnhMetaFile
AbortDoc

comdlg32

PrintDlgW

advapi32

SetSecurityDescriptorDacl
RegQueryValueExW
OpenProcessToken
GetTokenInformation

shell32

SHGetSpecialFolderPathW
SHGetPathFromIDListA
SHGetFileInfoW
SHBindToParent
ExtractAssociatedIconW
ShellExecuteA

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CoCreateGuid
CreateStreamOnHGlobal

shlwapi

StrStrIW
StrStrA
StrCpyW
StrCpyNW
StrChrIW
StrCatW

comctl32

InitializeFlatSB

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 894KB - Virtual size: 894KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb1d33d20528549d4b179bab24de35b3

Code Sign

79:6c:68:b7:90:b0:80:b9:46:72:a7:82:8f:58:9f:d3Certificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

0d:ed:a1:cb:4d:a2:29:28:65:d2:51:bb:cf:6a:58:11:9e:26:0d:5c:d2:68:59:88:c1:c5:f7:10:c5:96:a4:21Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

comctl32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 894KB - Virtual size: 894KB

.rsrc Size: 102KB - Virtual size: 1.1MB

79:6c:68:b7:90:b0:80:b9:46:72:a7:82:8f:58:9f:d3
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

0d:ed:a1:cb:4d:a2:29:28:65:d2:51:bb:cf:6a:58:11:9e:26:0d:5c:d2:68:59:88:c1:c5:f7:10:c5:96:a4:21
Signer

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 894KB - Virtual size: 894KB

.rsrc
Size: 102KB - Virtual size: 1.1MB