c90cf61a0eaa05c312f7b77a09127bc9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c90cf61a0eaa05c312f7b77a09127bc9_JaffaCakes118
Size

1.3MB
MD5

c90cf61a0eaa05c312f7b77a09127bc9
SHA1

cb63424ccc3f5606ba789cf69b57356c35e89f15
SHA256

ea06a7494932ab6c092151d25da6161eaf724f04881ff07f2f30cfc622eec33e
SHA512

9db8e3533122e8f0cdd3b097dc56236d27bee5daf42f8d5eb912db52293e4a4b2357a6c97816e527caab791f920538b133b3432dbcb65331d5bf2b197733a937
SSDEEP

24576:bSyLtIBYWFkfV0hfPnZBdWGktI7ie8ydTF4EWCA:fKBlNfPjd1ktOie8y1FzA

Score

1^/10

Malware Config

Signatures

Files

c90cf61a0eaa05c312f7b77a09127bc9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a93bc10227d5a9999fd6f439e1ba7461

Code Sign

54:28:f2:e5:1f:95:6c:5a:b4:46:61:8f:15:08:71:1a
Certificate

Issuer

CN=LQITKQBE

Not Before

16-11-2018 14:45

Not After

31-12-2039 23:59

Subject

CN=LQITKQBE

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c8:aa:a6:7f:ba:43:b7:e2:33:c8:65:70:95:9e:f1:f8:7f:3f:cb:7a:cc:ac:8b:67:ac:49:23:92:db:f2:f1:c9
Signer

Actual PE Digest

c8:aa:a6:7f:ba:43:b7:e2:33:c8:65:70:95:9e:f1:f8:7f:3f:cb:7a:cc:ac:8b:67:ac:49:23:92:db:f2:f1:c9

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
MulDiv
LeaveCriticalSection
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
GetModuleHandleW
GetCurrentThreadId
FreeLibrary
EnterCriticalSection
DeleteCriticalSection
GetModuleHandleA
VirtualAllocEx

user32

CallNextHookEx
CallWindowProcW
CharNextW
CharPrevW
ClientToScreen
CloseClipboard
CopyRect
CreateDialogParamW
CreateMenu
CreateWindowExW
DefDlgProcW
DefWindowProcW
DeleteMenu
DialogBoxParamW
DispatchMessageW
DrawEdge
DrawFocusRect
DrawIcon
DrawMenuBar
EnableMenuItem
EnableWindow
EndDialog
EndPaint
FillRect
FindWindowA
GetActiveWindow
GetAsyncKeyState
GetClientRect
GetClipboardData
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetFocus
GetKeyState
GetMenu
GetMenuStringW
GetMessageW
GetParent
GetPropW
GetSubMenu
BeginPaint
GetSystemMetrics
GetWindow
GetWindowLongW
GetWindowRect
GetWindowTextW
InflateRect
InsertMenuW
InvalidateRect
IsClipboardFormatAvailable
IsDialogMessageW
IsWindow
IsWindowEnabled
KillTimer
LoadAcceleratorsW
LoadCursorW
LoadIconW
LoadStringW
MapWindowPoints
MessageBeep
MessageBoxExW
MessageBoxW
ModifyMenuW
MoveWindow
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseDC
RemoveMenu
RemovePropW
ScreenToClient
SendMessageW
SetActiveWindow
SetClassLongW
SetCursor
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetPropW
SetRect
SetTimer
SetWindowLongW
SetWindowPos
SetWindowTextW
SetWindowsHookExW
ShowWindow
TranslateAcceleratorW
TranslateMessage
UnhookWindowsHookEx
UpdateWindow
WinHelpW
wsprintfW
wvsprintfW
CharLowerA
IsIconic
DestroyCursor
IsWindowVisible
WindowFromDC
ReleaseCapture
GetWindowContextHelpId
GetClipboardOwner
CloseDesktop
GetSysColorBrush
GetWindowTextLengthA
DestroyMenu
CopyIcon
IsCharAlphaA
DestroyWindow
GetSysColor

gdi32

SetMetaRgn
GetEnhMetaFileA
GetDCPenColor
DeleteEnhMetaFile
GdiGetBatchLimit
GetEnhMetaFileW
AddFontResourceA
SwapBuffers
GetStockObject
CreateSolidBrush
CreateCompatibleDC
GetDCBrushColor

advapi32

RegQueryValueExA
RegOpenKeyExW

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a93bc10227d5a9999fd6f439e1ba7461

Code Sign

54:28:f2:e5:1f:95:6c:5a:b4:46:61:8f:15:08:71:1aCertificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

c8:aa:a6:7f:ba:43:b7:e2:33:c8:65:70:95:9e:f1:f8:7f:3f:cb:7a:cc:ac:8b:67:ac:49:23:92:db:f2:f1:c9Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1.3MB - Virtual size: 1.3MB

.rsrc Size: 1024B - Virtual size: 744KB

54:28:f2:e5:1f:95:6c:5a:b4:46:61:8f:15:08:71:1a
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

c8:aa:a6:7f:ba:43:b7:e2:33:c8:65:70:95:9e:f1:f8:7f:3f:cb:7a:cc:ac:8b:67:ac:49:23:92:db:f2:f1:c9
Signer

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1.3MB - Virtual size: 1.3MB

.rsrc
Size: 1024B - Virtual size: 744KB