General

Malware Config

Signatures

Files

• 167ab011f9c47bb116e5159ded5722f0_JaffaCakes118

  .dll windows:3 windows x86 arch:x86

  e775fd241e127c163e04bf7c065e3ff1

  
  

  Code Sign

  70:9d:54:7a:2f:09:d3:9c:4c:23:34:98:3f:2c:bf:50

  Certificate

  Issuer

  CN=BMUZVYUGWSQWLAIISX

  Not Before

  21-01-2021 22:35

  Not After

  31-12-2039 23:59

  Subject

  CN=BMUZVYUGWSQWLAIISX

  Extended Key Usages

  ExtKeyUsageCodeSigning

  30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9

  Certificate

  Issuer

  CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

  Not Before

  02-05-2019 00:00

  Not After

  18-01-2038 23:59

  Subject

  CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b

  Certificate

  Issuer

  CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  23-10-2020 00:00

  Not After

  22-01-2032 23:59

  Subject

  CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  0a:bd:db:23:75:9e:d4:79:f5:02:17:27:81:99:c0:d3:f4:90:e5:6c

  Signer

  Actual PE Digest

  0a:bd:db:23:75:9e:d4:79:f5:02:17:27:81:99:c0:d3:f4:90:e5:6c

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  kernel32

  LoadLibraryA

  GetProcAddress

  GetModuleHandleW

  GetLastError

  user32

  LoadCursorA

  DrawMenuBar

  wsprintfW

  PostMessageA

  EnumChildWindows

  SendMessageTimeoutA

  GetWindowTextA

  EnumWindows

  SendMessageA

  wsprintfA

  GetClassNameA

  gdi32

  CreateMetaFileW

  AddFontResourceW

  RealizePalette

  advapi32

  RegOpenKeyA

  GetUserNameA

  Sections

  .text

  Size: 14KB - Virtual size: 13KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 512B - Virtual size: 87B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 1024B - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .text4

  Size: 315KB - Virtual size: 315KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .text8

  Size: 512B - Virtual size: 100B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  .text7

  Size: 512B - Virtual size: 100B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  .text6

  Size: 512B - Virtual size: 100B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  .text5

  Size: 512B - Virtual size: 100B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 1024B - Virtual size: 992B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ