JaffaCakes118_51e5a5cf87623e28067ad3e11e4b776e40da7a48b087dace06fafa61da115944

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_51e5a5cf87623e28067ad3e11e4b776e40da7a48b087dace06fafa61da115944
Size

420KB
MD5

37138714886d9567719b572e1a0726d5
SHA1

3ef5b8387520245cc3bb3aeb46ea9089c238db07
SHA256

51e5a5cf87623e28067ad3e11e4b776e40da7a48b087dace06fafa61da115944
SHA512

3cc09e8a841e8c03e1e247e563ec568e814b247c39f6d2608770baa4b97859418e8225bea09f644f5f41d4808523000fba2517aab4c5e21f6b7ecf78887a8459
SSDEEP

3072:RR9bcDynvatGRtOFeI9xBumIDu/FqimNMmZK8RkEJ1gkYCRTLn94xXgq1oyO7KGP:RR9bjytGrOFeI9HkFilugONIwj7/f

Score

1^/10

Malware Config

Signatures

Files

JaffaCakes118_51e5a5cf87623e28067ad3e11e4b776e40da7a48b087dace06fafa61da115944
.exe windows:4 windows x86 arch:x86

211901ac724e2ad9903d3e3d212ffcbb

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:b6:30:f9:64:55:31:f8:86:8d:ae:8a:c0:f8:cf:e6
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-07-2020 00:00

Not After

12-07-2021 12:00

Subject

SERIALNUMBER=1187847238919,CN=Geksan LLC,O=Geksan LLC,L=Saint Petersburg,C=RU,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025255

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18-04-2012 12:00

Not After

18-04-2027 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9a:6f:92:48:0d:fa:4e:65:7a:e1:bd:b5:2e:57:bc:58:06:63:38:b3
Signer

Actual PE Digest

9a:6f:92:48:0d:fa:4e:65:7a:e1:bd:b5:2e:57:bc:58:06:63:38:b3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
WaitForSingleObject
SetEvent
SetThreadPriority
SuspendThread
CreateEventA
lstrcmpA
lstrcpynA
GetCurrentThread
GlobalAlloc
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
SetLastError
GetFileAttributesA
GetTempFileNameA
GetFullPathNameA
MultiByteToWideChar
GetFileTime
GetDiskFreeSpaceA
MulDiv
GlobalFlags
LocalAlloc
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
DuplicateHandle
GetCurrentProcess
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
MoveFileA
DeleteFileA
FindClose
FindFirstFileA
GetVolumeInformationA
GetStringTypeExA
GetThreadLocale
GetShortPathNameA
GetFileSize
LocalFileTimeToFileTime
SystemTimeToFileTime
SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
CreateThread
ExitThread
HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
HeapFree
TerminateProcess
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
UnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedExchange
GetProfileStringA
WideCharToMultiByte
CloseHandle
lstrlenA
InterlockedDecrement
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
WaitNamedPipeA
GetModuleHandleA
FindResourceA
LoadResource
LockResource
SizeofResource
CreateFileA
FreeConsole
InterlockedIncrement
InitializeCriticalSection
Sleep
ReadFile
WriteFile
EnterCriticalSection
LeaveCriticalSection
GetLastError
FormatMessageA
LocalFree
ResumeThread
GetCurrentProcessId
CreateToolhelp32Snapshot
Module32First
Module32Next
SetFileTime

user32

IsWindowVisible
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
SetFocus
GetFocus
DispatchMessageA
PeekMessageA
GetSysColor
MapWindowPoints
SendDlgItemMessageA
PostMessageA
SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
ReleaseDC
GetDC
ValidateRect
TranslateMessage
GetMessageA
InvalidateRect
DestroyMenu
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
SetCursor
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
IsZoomed
InflateRect
RedrawWindow
SetCapture
SetCursorPos
DestroyCursor
IsRectEmpty
UnionRect
KillTimer
WindowFromPoint
SetRect
PostQuitMessage
ShowOwnedPopups
GetScrollPos
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetClassNameA
GetSysColorBrush
FindWindowA
GetDCEx
LockWindowUpdate
InsertMenuA
GetMenuStringA
DestroyIcon
CharUpperA
SetParent
IsWindowUnicode
CharNextA
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
IsWindowEnabled
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
wvsprintfA
RegisterClassA
SetForegroundWindow
GetCursorPos
LoadBitmapA
LoadCursorA
GetDesktopWindow
UpdateWindow
ShowWindow
SetTimer
GetSystemMenu
DeleteMenu
GetClientRect
LoadMenuA
PtInRect
ClientToScreen
GetSubMenu
LoadIconA
LoadStringA
SendMessageA
EnableWindow
GetDlgItem
UnregisterClassA

gdi32

CreateSolidBrush
GetDeviceCaps
BitBlt
CreatePatternBrush
SetBkMode
GetStockObject
RestoreDC
SaveDC
GetTextMetricsA
GetTextExtentPoint32A
CreateFontA
CreateRectRgn
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateFontIndirectA
SetMapMode
CreateCompatibleDC
GetCharWidthA
DeleteObject
CreateCompatibleBitmap
SelectObject
StretchDIBits
DeleteDC
CreateRectRgnIndirect
PatBlt
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetObjectA
CreateDIBitmap
GetTextExtentPointA
CombineRgn
SetRectRgn
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect

advapi32

RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyA
RegSetValueA
OpenSCManagerA
OpenServiceA
CreateServiceA
StartServiceA
CloseServiceHandle
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
CryptAcquireContextA
RegCloseKey

shell32

Shell_NotifyIconA
SHGetFileInfoA
ExtractIconA
DragQueryFileA
DragFinish

mpr

WNetCancelConnection2A
WNetAddConnection2A

comctl32

ImageList_Create
ord17
ImageList_ReplaceIcon
ImageList_Destroy

wsock32

WSACleanup
WSAStartup

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

Exports

Exports

yuAAQERWEARDFGSFdgtgfgSZXAWQFAs

Sections

.text
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

211901ac724e2ad9903d3e3d212ffcbb

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate

Key Usages

03:b6:30:f9:64:55:31:f8:86:8d:ae:8a:c0:f8:cf:e6Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

9a:6f:92:48:0d:fa:4e:65:7a:e1:bd:b5:2e:57:bc:58:06:63:38:b3Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

mpr

comctl32

wsock32

winspool.drv

comdlg32

Exports

Exports

Sections

.text Size: 216KB - Virtual size: 212KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 12KB - Virtual size: 27KB

Shared Size: 4KB - Virtual size: 4B

.rsrc Size: 128KB - Virtual size: 126KB

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

03:b6:30:f9:64:55:31:f8:86:8d:ae:8a:c0:f8:cf:e6
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

9a:6f:92:48:0d:fa:4e:65:7a:e1:bd:b5:2e:57:bc:58:06:63:38:b3
Signer

.text
Size: 216KB - Virtual size: 212KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 12KB - Virtual size: 27KB

Shared
Size: 4KB - Virtual size: 4B

.rsrc
Size: 128KB - Virtual size: 126KB