General

Malware Config

Signatures

Files

• 130c22a54ee0e43dcc38a14409f75aae_JaffaCakes118

  .exe windows:1 windows x86 arch:x86

  46bc8fadc9354542964a11262484657c

  
  

  Code Sign

  6d:c6:bf:7d:a3:d6:b6:a8:41:6e:0b:9e:2e:b4:c6:06

  Certificate

  Issuer

  CN=OJQSJVHIBUTMZNUFDL

  Not Before

  01-10-2020 07:17

  Not After

  31-12-2039 23:59

  Subject

  CN=OJQSJVHIBUTMZNUFDL

  Extended Key Usages

  ExtKeyUsageCodeSigning

  bb:c9:6e:16:fc:de:0c:41:1c:19:82:73:89:fe:61:3a:bb:8d:4d:9f

  Signer

  Actual PE Digest

  bb:c9:6e:16:fc:de:0c:41:1c:19:82:73:89:fe:61:3a:bb:8d:4d:9f

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  Sleep

  VirtualAlloc

  GetModuleHandleW

  GetLastError

  LoadLibraryExW

  HeapFree

  GetProcessHeap

  GetModuleHandleA

  LoadLibraryW

  GetProcAddress

  FreeLibrary

  OutputDebugStringW

  GetLocalTime

  WriteFile

  SetFilePointer

  ExpandEnvironmentStringsW

  GetEnvironmentVariableW

  HeapAlloc

  CreateFileW

  DeviceIoControl

  CreateThread

  WaitForSingleObject

  GetCurrentProcess

  CloseHandle

  ExitThread

  SetLastError

  user32

  LoadCursorA

  gdi32

  CreateSolidBrush

  CreateHalftonePalette

  CreateMetaFileW

  DeleteColorSpace

  DeleteEnhMetaFile

  CreatePatternBrush

  DeleteMetaFile

  CreateMetaFileA

  CreateCompatibleDC

  DeleteDC

  CloseMetaFile

  GetEnhMetaFileW

  advapi32

  RegOpenKeyW

  RegQueryValueExW

  Sections

  .text

  Size: 4.0MB - Virtual size: 4.0MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 9KB - Virtual size: 9KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ