General

Malware Config

Signatures

Files

• 191efde5fff866d11803668bece19481_JaffaCakes118

  .exe windows:5 windows x86 arch:x86

  0484e9827e9bbd4e9dc1d70ac883a373

  
  

  Code Sign

  15:b1:55:c1:72:b5:ce:a3:48:8c:94:e5:5b:da:b1:5f

  Certificate

  Issuer

  CN=DAEOTLIWKIKZFJMDIS

  Not Before

  09-05-2019 10:45

  Not After

  31-12-2039 23:59

  Subject

  CN=DAEOTLIWKIKZFJMDIS

  Extended Key Usages

  ExtKeyUsageCodeSigning

  3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08

  Certificate

  Issuer

  CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  02-05-2019 00:00

  Not After

  01-08-2030 23:59

  Subject

  CN=Sectigo RSA Time Stamping Signer #1,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9

  Certificate

  Issuer

  CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

  Not Before

  02-05-2019 00:00

  Not After

  18-01-2038 23:59

  Subject

  CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  f1:9e:9f:45:dd:ed:89:2f:0b:2c:56:32:44:06:30:6f:21:c3:03:1b:06:56:1c:6e:34:2f:70:e4:f6:f9:cd:d9

  Signer

  Actual PE Digest

  f1:9e:9f:45:dd:ed:89:2f:0b:2c:56:32:44:06:30:6f:21:c3:03:1b:06:56:1c:6e:34:2f:70:e4:f6:f9:cd:d9

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetModuleHandleW

  GetOEMCP

  GetPrivateProfileStringA

  GetProcessHeap

  GetProcessIoCounters

  GetShortPathNameA

  GetStartupInfoA

  GetStartupInfoW

  GetStdHandle

  GetStringTypeA

  GetStringTypeW

  GetSystemDirectoryA

  GetSystemDirectoryW

  GetSystemTime

  GetSystemTimeAsFileTime

  GetTempFileNameA

  GetTempPathA

  GetTickCount

  GetVersion

  GetVersionExA

  GetVersionExW

  GetVolumeInformationW

  GetWindowsDirectoryA

  GlobalAlloc

  GlobalFree

  GlobalLock

  GlobalUnlock

  HeapAlloc

  HeapCreate

  HeapDestroy

  HeapFree

  HeapReAlloc

  HeapSize

  InitializeCriticalSection

  InterlockedCompareExchange

  InterlockedDecrement

  InterlockedIncrement

  IsDebuggerPresent

  IsValidCodePage

  LCMapStringA

  LCMapStringW

  LeaveCriticalSection

  LoadLibraryExA

  LoadLibraryW

  LocalAlloc

  LocalFileTimeToFileTime

  GetModuleHandleA

  MoveFileA

  MulDiv

  MultiByteToWideChar

  QueryPerformanceCounter

  RaiseException

  ReadConsoleInputW

  ReadFile

  ReleaseSemaphore

  RemoveDirectoryA

  RtlUnwind

  SearchPathA

  SetConsoleMode

  SetCurrentDirectoryA

  SetErrorMode

  SetFileAttributesA

  SetFilePointer

  SetFileTime

  SetHandleCount

  SetLastError

  SetStdHandle

  SetUnhandledExceptionFilter

  Sleep

  TerminateProcess

  TlsAlloc

  TlsFree

  TlsGetValue

  TlsSetValue

  UnhandledExceptionFilter

  VirtualAlloc

  VirtualFree

  WaitForSingleObject

  WideCharToMultiByte

  WriteConsoleA

  WriteConsoleW

  WriteFile

  WritePrivateProfileStringA

  lstrcatA

  lstrcatW

  lstrcmpA

  lstrcmpW

  lstrcmpiA

  lstrcpyW

  lstrcpynA

  lstrcpynW

  lstrlenA

  lstrlenW

  GetModuleFileNameW

  GetModuleFileNameA

  GetLocaleInfoA

  GetLastError

  GetFullPathNameA

  GetFileType

  GetFileSize

  GetFileAttributesW

  GetFileAttributesA

  GetExitCodeProcess

  GetEnvironmentStringsW

  GetEnvironmentStrings

  GetDriveTypeW

  GetDiskFreeSpaceW

  GetDiskFreeSpaceA

  GetCurrentThreadId

  GetCurrentProcessId

  GetCurrentProcess

  GetConsoleScreenBufferInfo

  GetConsoleOutputCP

  GetConsoleMode

  GetConsoleCP

  GetCommandLineW

  GetCommandLineA

  GetCPInfo

  GetACP

  FreeLibrary

  FreeEnvironmentStringsW

  FreeEnvironmentStringsA

  FormatMessageW

  FlushFileBuffers

  FindNextFileW

  FindNextFileA

  FindFirstFileW

  FindFirstFileA

  FindClose

  FileTimeToLocalFileTime

  FileTimeToDosDateTime

  ExpandEnvironmentStringsA

  ExitProcess

  EnterCriticalSection

  DosDateTimeToFileTime

  DeviceIoControl

  DeleteFileW

  DeleteFileA

  DeleteCriticalSection

  CreateThread

  CreateProcessA

  CreateMutexW

  CreateJobObjectW

  CreateFileW

  CreateFileA

  CreateEventW

  CreateDirectoryA

  CopyFileA

  CompareFileTime

  CloseHandle

  VirtualAllocEx

  LoadLibraryA

  LocalFree

  GetProcAddress

  user32

  IsWindowUnicode

  IsWindowVisible

  IsZoomed

  KillTimer

  LoadAcceleratorsW

  LoadBitmapW

  LoadCursorW

  LoadIconW

  LoadImageW

  LoadKeyboardLayoutW

  LoadStringW

  LookupIconIdFromDirectory

  MapDialogRect

  MessageBoxW

  MoveWindow

  MsgWaitForMultipleObjects

  OemToCharA

  OffsetRect

  OpenWindowStationA

  PostMessageA

  PostMessageW

  PostQuitMessage

  PostThreadMessageA

  RegisterClassExW

  RegisterHotKey

  RegisterWindowMessageW

  ReleaseDC

  RemovePropA

  ReuseDDElParam

  ScreenToClient

  ScrollDC

  SendInput

  SendMessageA

  SendMessageCallbackA

  SendMessageTimeoutA

  SendMessageTimeoutW

  SendMessageW

  SetClassLongW

  SetClipboardData

  SetCursor

  SetCursorPos

  SetDlgItemTextW

  SetFocus

  SetForegroundWindow

  SetParent

  SetPropA

  SetTimer

  SetWindowLongW

  SetWindowPlacement

  SetWindowPos

  SetWindowRgn

  SetWindowTextW

  ShowOwnedPopups

  ShowWindow

  SystemParametersInfoW

  TabbedTextOutA

  TranslateAcceleratorW

  TranslateMessage

  UpdateWindow

  WaitForInputIdle

  wsprintfW

  wvsprintfA

  IsWindowEnabled

  IsWindow

  IsIconic

  IsDlgButtonChecked

  IsCharAlphaNumericW

  InvalidateRect

  InflateRect

  ImpersonateDdeClientWindow

  IMPQueryIMEA

  GetWindowThreadProcessId

  GetWindowTextW

  GetWindowTextLengthW

  GetWindowRect

  GetWindowPlacement

  GetWindowLongW

  GetWindow

  GetUserObjectInformationW

  GetTopWindow

  GetThreadDesktop

  GetSystemMetrics

  GetSystemMenu

  GetPropA

  GetParent

  GetMessageW

  GetMenuInfo

  GetMenu

  GetKeyState

  GetIconInfo

  GetForegroundWindow

  GetFocus

  GetDlgItem

  GetDC

  GetClipboardFormatNameA

  GetClientRect

  GetClassWord

  GetClassNameA

  GetClassLongW

  GetAsyncKeyState

  GetActiveWindow

  FrameRect

  FindWindowW

  FindWindowExA

  EnumWindows

  EnumThreadWindows

  EnumDisplaySettingsW

  EnumDisplayDevicesW

  EnumDesktopWindows

  EndPaint

  EndDialog

  EnableWindow

  EnableMenuItem

  DrawTextW

  DrawFrameControl

  DrawFocusRect

  DispatchMessageW

  DialogBoxParamW

  DestroyWindow

  DestroyIcon

  DefWindowProcW

  DefDlgProcW

  DdeGetData

  CreateWindowExW

  CreatePopupMenu

  CreateMDIWindowA

  CreateDesktopA

  ChildWindowFromPointEx

  CheckDlgButton

  CharUpperW

  CharUpperBuffW

  CharLowerW

  ChangeDisplaySettingsExW

  CascadeChildWindows

  CallMsgFilter

  BeginPaint

  AttachThreadInput

  AdjustWindowRectEx

  AnimateWindow

  FindWindowExW

  gdi32

  ExtCreatePen

  FONTOBJ_pifi

  FlattenPath

  GdiConvertBitmap

  GdiConvertToDevmodeW

  GetCharacterPlacementA

  GetDIBits

  GetDeviceCaps

  GetDeviceGammaRamp

  GetObjectA

  GetObjectW

  GetPixel

  GetStockObject

  GetTextExtentPoint32W

  GetTextExtentPointA

  GetTextExtentPointW

  GetTextFaceW

  LineTo

  EudcLoadLinkW

  PolyDraw

  EngEraseSurface

  RectInRegion

  Rectangle

  RestoreDC

  RoundRect

  SaveDC

  SelectObject

  SetBkColor

  SetBkMode

  SetDIBits

  SetPixel

  SetTextColor

  SetViewportOrgEx

  StretchBlt

  StrokeAndFillPath

  StrokePath

  cGetTTFFromFOT

  EngReleaseSemaphore

  MoveToEx

  AngleArc

  EndPath

  Ellipse

  DescribePixelFormat

  DeleteObject

  DeleteDC

  CreateSolidBrush

  CreatePen

  CreateFontW

  CreateFontIndirectW

  CreateFontIndirectA

  CreateEllipticRgn

  CreateDCW

  CreateCompatibleDC

  CreateCompatibleBitmap

  CloseFigure

  BeginPath

  EngQueryLocalTime

  advapi32

  RegQueryValueExA

  RegOpenKeyA

  shell32

  WOWShellExecute

  Shell_NotifyIconW

  ShellExecuteW

  ShellAboutA

  SHGetPathFromIDListA

  SHGetFolderPathA

  SHGetDesktopFolder

  SHGetDataFromIDListW

  SHFormatDrive

  SHFileOperation

  SHCreateDirectoryExW

  FindExecutableA

  ExtractAssociatedIconA

  ole32

  CoTaskMemFree

  CoUninitialize

  CreateStreamOnHGlobal

  GetHGlobalFromStream

  OleUninitialize

  CoCreateInstance

  CoCreateGuid

  CoInitialize

  shlwapi

  StrRStrIW

  StrCmpNIA

  Sections

  .text

  Size: 112KB - Virtual size: 111KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 14KB - Virtual size: 13KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 316B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ