General

Malware Config

Signatures

Files

• 10ff01cce645f7e2e878008c52b574bf_JaffaCakes118

  .exe windows:4 windows x64 arch:x64

  5c79a8b2cca0eda8d189d5c120988458

  
  

  Code Sign

  02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77

  Certificate

  Issuer

  CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  10-11-2006 00:00

  Not After

  10-11-2031 00:00

  Subject

  CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  04:4e:05:bb:1a:01:a1:cb:b5:0c:fb:6c:d2:4e:5d:6b

  Certificate

  Issuer

  CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  30-09-2020 00:00

  Not After

  27-09-2021 12:00

  Subject

  SERIALNUMBER=0000469404,CN=MUSTER PLUS SP Z O O,O=MUSTER PLUS SP Z O O,L=Krakow,C=PL,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302504c

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c

  Certificate

  Issuer

  CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  18-04-2012 12:00

  Not After

  18-04-2027 12:00

  Subject

  CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  ee:00:79:5d:d9:f7:0f:f8:8a:58:2a:34:ef:a0:fd:3f:9a:6f:8c:57

  Signer

  Actual PE Digest

  ee:00:79:5d:d9:f7:0f:f8:8a:58:2a:34:ef:a0:fd:3f:9a:6f:8c:57

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  advapi32

  CryptAcquireContextA

  kernel32

  AddAtomA

  CloseHandle

  CreateEventA

  CreateMutexA

  CreateSemaphoreA

  CreateThread

  DeleteCriticalSection

  DuplicateHandle

  EnterCriticalSection

  FindAtomA

  FindResourceA

  FreeConsole

  GetAtomNameA

  GetCurrentProcess

  GetCurrentProcessId

  GetCurrentThread

  GetCurrentThreadId

  GetHandleInformation

  GetLastError

  GetModuleHandleA

  GetProcessAffinityMask

  GetStartupInfoA

  GetSystemTimeAsFileTime

  GetThreadContext

  GetThreadPriority

  GetTickCount

  InitializeCriticalSection

  LeaveCriticalSection

  LoadResource

  QueryPerformanceCounter

  RaiseException

  ReleaseMutex

  ReleaseSemaphore

  ResetEvent

  ResumeThread

  RtlAddFunctionTable

  RtlCaptureContext

  RtlLookupFunctionEntry

  RtlUnwindEx

  RtlVirtualUnwind

  SetEvent

  SetLastError

  SetProcessAffinityMask

  SetThreadContext

  SetThreadPriority

  SetUnhandledExceptionFilter

  SizeofResource

  Sleep

  SuspendThread

  TerminateProcess

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TryEnterCriticalSection

  UnhandledExceptionFilter

  VirtualAlloc

  VirtualProtect

  VirtualQuery

  WaitForMultipleObjects

  WaitForSingleObject

  lstrcpyA

  msvcrt

  __C_specific_handler

  __dllonexit

  __getmainargs

  __initenv

  __iob_func

  __lconv_init

  __set_app_type

  __setusermatherr

  _acmdln

  _amsg_exit

  _beginthreadex

  _cexit

  _endthreadex

  _fmode

  _ftime

  _initterm

  _lock

  _onexit

  _setjmp

  _unlock

  _write

  abort

  calloc

  exit

  fprintf

  fputc

  fputs

  free

  fwrite

  longjmp

  malloc

  memcmp

  memcpy

  memmove

  memset

  printf

  realloc

  signal

  sprintf

  strcmp

  strlen

  strncmp

  vfprintf

  user32

  BeginPaint

  CreateWindowExA

  DefWindowProcA

  DestroyWindow

  DialogBoxParamA

  DispatchMessageA

  DrawTextA

  EnableWindow

  EndDialog

  EndPaint

  GetClassInfoExA

  GetClientRect

  GetDesktopWindow

  GetFocus

  GetMessageA

  GetWindowRect

  GetWindowTextA

  GetWindowTextLengthA

  LoadAcceleratorsA

  LoadCursorA

  LoadIconA

  LoadStringA

  MessageBoxA

  PostMessageA

  PostQuitMessage

  RegisterClassExA

  SendMessageA

  SetFocus

  SetForegroundWindow

  SetWindowTextA

  ShowWindow

  TranslateAcceleratorA

  TranslateMessage

  UpdateWindow

  gdi32

  CreateFontIndirectA

  DeleteObject

  Exports

  Exports

  DAAGGGRHNUI

  Sections

  .text

  Size: 148KB - Virtual size: 147KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 74KB - Virtual size: 73KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata

  Size: 13KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .pdata

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .xdata

  Size: 5KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .bss

  Size: - Virtual size: 8KB

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .edata

  Size: 512B - Virtual size: 75B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .idata

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .CRT

  Size: 512B - Virtual size: 112B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .tls

  Size: 512B - Virtual size: 80B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 483KB - Virtual size: 483KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 1024B - Virtual size: 672B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  /4

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  /19

  Size: 56KB - Virtual size: 56KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  /31

  Size: 8KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  /45

  Size: 7KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  /57

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  /70

  Size: 1024B - Virtual size: 806B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  /81

  Size: 15KB - Virtual size: 15KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  /92

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ