General

Malware Config

Signatures

Files

• 1767290b9606f7dab11712e060849f23_JaffaCakes118

  .exe windows:5 windows x86 arch:x86

  407b6e9965a449f087c4feb83cc4a54b

  
  

  Code Sign

  0c:4a:5f:1a:ec:53:58:51:b6:bb:78:c8:43:4e:24:77

  Certificate

  Issuer

  CN=KTQSBJPF

  Not Before

  20-03-2019 20:32

  Not After

  31-12-2039 23:59

  Subject

  CN=KTQSBJPF

  Extended Key Usages

  ExtKeyUsageCodeSigning

  4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77

  Certificate

  Issuer

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Not Before

  31-12-2015 00:00

  Not After

  09-07-2019 18:40

  Subject

  CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  13:20:8d:e3:ef:b4:1d:ac:2d:b5:92:e7:c1:77:42:c3:42:c1:28:d8:cb:d0:55:84:aa:1d:98:6d:98:ac:e2:c7

  Signer

  Actual PE Digest

  13:20:8d:e3:ef:b4:1d:ac:2d:b5:92:e7:c1:77:42:c3:42:c1:28:d8:cb:d0:55:84:aa:1d:98:6d:98:ac:e2:c7

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetStartupInfoA

  VirtualAlloc

  CloseHandle

  CompareFileTime

  lstrlenW

  lstrlenA

  lstrcpynW

  lstrcpynA

  lstrcpyW

  lstrcpyA

  lstrcmpiW

  lstrcmpiA

  lstrcmpW

  lstrcmpA

  lstrcatW

  lstrcatA

  _lopen

  WritePrivateProfileStringW

  WriteFile

  WriteConsoleW

  WideCharToMultiByte

  WaitForSingleObject

  WaitForMultipleObjectsEx

  VirtualQueryEx

  VirtualQuery

  VirtualProtect

  VirtualFree

  VerifyVersionInfoW

  UnhandledExceptionFilter

  TlsSetValue

  TlsGetValue

  TerminateThread

  TerminateJobObject

  SystemTimeToTzSpecificLocalTime

  SwitchToThread

  SuspendThread

  Sleep

  SizeofResource

  SetThreadPriority

  SetThreadLocale

  SetLastError

  SetFileTime

  SetFilePointer

  SetFileAttributesW

  SetEvent

  SetErrorMode

  SetEndOfFile

  SetCurrentDirectoryW

  SetCommConfig

  SearchPathW

  RtlUnwind

  ResumeThread

  ResetEvent

  RemoveDirectoryW

  ReadFile

  ReadConsoleOutputCharacterW

  RaiseException

  QueryPerformanceCounter

  OutputDebugStringW

  OpenProcess

  OpenMutexW

  OpenEventW

  MultiByteToWideChar

  MulDiv

  MoveFileW

  LockResource

  LocalFree

  LocalAlloc

  LoadResource

  LoadLibraryW

  LoadLibraryExW

  LoadLibraryExA

  LoadLibraryA

  LeaveCriticalSection

  IsValidLocale

  IsDebuggerPresent

  InterlockedIncrement

  InterlockedExchangeAdd

  InterlockedExchange

  InterlockedDecrement

  InterlockedCompareExchange

  InitializeCriticalSection

  GlobalUnlock

  GlobalLock

  GlobalFree

  GlobalFindAtomW

  GlobalDeleteAtom

  GlobalAlloc

  GlobalAddAtomW

  GetWindowsDirectoryW

  GetVersionExW

  GetVersionExA

  GetVersion

  GetUserDefaultUILanguage

  GetTimeZoneInformation

  GetTickCount

  GetThreadPriority

  GetThreadLocale

  GetTempPathW

  GetTempFileNameW

  GetSystemTime

  GetSystemPowerStatus

  GetSystemInfo

  GetSystemDirectoryW

  GetSystemDirectoryA

  GetSystemDefaultUILanguage

  GetStdHandle

  GetModuleHandleW

  GetShortPathNameW

  GetProfileStringW

  GetProcessHeap

  GetProcAddress

  GetPrivateProfileStringW

  GetModuleHandleA

  GetModuleFileNameW

  GetModuleFileNameA

  GetLocaleInfoW

  GetLocalTime

  GetLastError

  GetFullPathNameW

  GetFileType

  GetFileSize

  GetFileAttributesW

  GetFileAttributesExW

  GetExitCodeThread

  GetExitCodeProcess

  GetEnvironmentVariableW

  GetDriveTypeW

  GetDiskFreeSpaceW

  GetDiskFreeSpaceExA

  GetDateFormatW

  GetCurrentThreadId

  GetCurrentThread

  GetCurrentProcessId

  GetCurrentProcess

  GetConsoleOutputCP

  GetConsoleAliasesW

  GetConsoleAliasesLengthW

  GetConsoleAliasExesLengthW

  GetCommandLineW

  GetCPInfoExW

  GetCPInfo

  GetAtomNameA

  GetACP

  FreeResource

  FreeLibrary

  FormatMessageW

  FlushInstructionCache

  FindResourceW

  FindResourceExW

  FindResourceExA

  FindNextFileW

  FindFirstFileW

  FindClose

  FileTimeToSystemTime

  FileTimeToLocalFileTime

  FileTimeToDosDateTime

  ExpandEnvironmentStringsW

  ExitThread

  ExitProcess

  EnumSystemLocalesW

  EnumDateFormatsW

  EnumCalendarInfoW

  EnterCriticalSection

  DeviceIoControl

  DeleteTimerQueueTimer

  DeleteFileW

  DeleteCriticalSection

  CreateTimerQueue

  CreateThread

  CreateProcessW

  CreateMutexA

  CreateFileW

  CreateEventW

  CompareStringW

  CopyFileW

  CreateDirectoryW

  user32

  PeekMessageW

  GetLastActivePopup

  GetTopWindow

  gdi32

  XFORMOBJ_iGetXform

  UnrealizeObject

  TranslateCharsetInfo

  TextOutA

  StretchDIBits

  StretchBlt

  StartPage

  StartDocW

  SetWindowOrgEx

  SetWindowExtEx

  SetWinMetaFileBits

  SetViewportOrgEx

  SetViewportExtEx

  SetTextColor

  SetTextAlign

  SetStretchBltMode

  SetRectRgn

  SetROP2

  SetPixelV

  SetPixel

  SetPaletteEntries

  SetMapMode

  SetLayout

  SetEnhMetaFileBits

  SetDIBitsToDevice

  SetDIBits

  SetDIBColorTable

  SetBrushOrgEx

  SetBkMode

  SetBkColor

  SetAbortProc

  SelectPalette

  SelectObject

  SelectClipRgn

  ScaleWindowExtEx

  ScaleViewportExtEx

  SaveDC

  RoundRect

  RestoreDC

  ResizePalette

  Rectangle

  RectVisible

  RealizePalette

  PtVisible

  Polyline

  Polygon

  PolyBezierTo

  PolyBezier

  PlayEnhMetaFileRecord

  PlayEnhMetaFile

  Pie

  PatBlt

  OffsetViewportOrgEx

  OffsetRgn

  MoveToEx

  MaskBlt

  LineTo

  LPtoDP

  IntersectClipRect

  GetWindowOrgEx

  GetWindowExtEx

  GetWinMetaFileBits

  GetViewportExtEx

  GetTextMetricsW

  GetTextMetricsA

  GetTextFaceAliasW

  GetTextExtentPointW

  GetTextExtentPointA

  GetTextExtentPoint32W

  GetTextExtentPoint32A

  GetTextColor

  GetSystemPaletteEntries

  GetStockObject

  GetRgnBox

  GetPixel

  GetPaletteEntries

  GetOutlineTextMetricsA

  GetObjectW

  GetObjectA

  GetNearestPaletteIndex

  GetMetaRgn

  GetMapMode

  GetLayout

  GetFontData

  GetEnhMetaFilePixelFormat

  GetEnhMetaFilePaletteEntries

  GetEnhMetaFileHeader

  GetEnhMetaFileDescriptionW

  GetEnhMetaFileBits

  GetDeviceCaps

  GetDIBits

  GetDIBColorTable

  GetCurrentPositionEx

  GetCurrentObject

  GetClipBox

  GetCharWidthA

  GetBrushOrgEx

  GetBkColor

  GetBitmapBits

  GdiSetBatchLimit

  GdiGetPageHandle

  GdiGetDevmodeForPage

  GdiGetCodePage

  GdiGetBatchLimit

  GdiFlush

  GdiFixUpHandle

  GdiEntry16

  GdiEntry10

  FrameRgn

  ExtTextOutW

  ExtTextOutA

  ExtFloodFill

  ExtCreateRegion

  ExcludeClipRect

  EudcLoadLinkW

  Escape

  EnumFontsW

  EnumFontsA

  EnumFontFamiliesExW

  EnumFontFamiliesExA

  EngGradientFill

  EngAcquireSemaphore

  EndPage

  EndDoc

  Ellipse

  DeleteObject

  DeleteEnhMetaFile

  DeleteDC

  DPtoLP

  CreateSolidBrush

  CreateRectRgnIndirect

  CreateRectRgn

  CreatePenIndirect

  CreatePatternBrush

  CreatePalette

  CreateMetaFileA

  CreateICW

  CreateHalftonePalette

  CreateFontIndirectW

  CreateFontIndirectA

  CreateFontA

  CreateDIBitmap

  CreateDIBSection

  CreateDCW

  CreateCompatibleDC

  CreateCompatibleBitmap

  CreateBrushIndirect

  CreateBitmap

  CopyMetaFileA

  CopyEnhMetaFileW

  CopyEnhMetaFileA

  CombineRgn

  CloseMetaFile

  Chord

  CLIPOBJ_ppoGetPath

  BitBlt

  AddFontResourceExA

  AngleArc

  Arc

  ArcTo

  comdlg32

  GetSaveFileNameW

  GetOpenFileNameW

  advapi32

  RegFlushKey

  RegOpenKeyA

  RegCloseKey

  RegCreateKeyExW

  RegDeleteKeyW

  RegDeleteValueW

  RegEnumKeyExW

  RegSetValueExW

  RegQueryValueExW

  RegQueryInfoKeyW

  RegOpenKeyExW

  RegEnumKeyW

  RegEnumValueW

  RegQueryValueExA

  shell32

  SHGetSpecialFolderLocation

  SHGetPathFromIDListW

  SHGetFileInfoW

  SHGetDesktopFolder

  SHGetDataFromIDListW

  SHChangeNotify

  SHBindToParent

  ord680

  ord153

  ord16

  ord24

  ord25

  ord18

  DragQueryFileW

  ShellExecuteW

  Shell_NotifyIconW

  ShellExecuteExW

  ole32

  DoDragDrop

  IsEqualGUID

  OleInitialize

  OleUninitialize

  RegisterDragDrop

  ReleaseStgMedium

  RevokeDragDrop

  StringFromCLSID

  CoUninitialize

  CoTaskMemFree

  CoInitializeEx

  CoInitialize

  CoCreateInstance

  CLSIDFromString

  CoTaskMemAlloc

  comctl32

  ImageList_AddMasked

  ImageList_Create

  ImageList_Destroy

  InitCommonControlsEx

  PropertySheetW

  CreatePropertySheetPageW

  Sections

  .text

  Size: 301KB - Virtual size: 301KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 11KB - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 308B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 44KB - Virtual size: 43KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ