e7e18e272042949ed5e97ef0c1dc7b49_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e7e18e272042949ed5e97ef0c1dc7b49_JaffaCakes118
Size

248KB
MD5

e7e18e272042949ed5e97ef0c1dc7b49
SHA1

758ffcb11de67ad8ecc9feaf0ace1369c5ba9663
SHA256

6e3e6223a36f1538f7d6423c00256a2181a75dc67913b9696a0db5ab67570fa4
SHA512

48d47c9a0fe9cba6ff95277c227cd4b3bdc3ee04e912f9b37a28cb3c468d3a763486516c3faec2cdfa7a26a5fac4b730d6b7908274d169c3ef6ce3c7cee36357
SSDEEP

6144:X5WJ26o8VPGDQaoq0h0OzdAM6oIwfTwIcr73TQ1:X5WQ6oOP5aRs0OKM6CsIC3TQ1

Score

1^/10

Malware Config

Signatures

Files

e7e18e272042949ed5e97ef0c1dc7b49_JaffaCakes118
.zip
Pagamento.Pdf______________________________________________________________.exe
.exe windows:4 windows x86 arch:x86

a9860d43dc08638f87731660529c9420

Code Sign

67:7b:0f:56:de:04:8d:a7:4e:a7:1f:99:23:cc:68:26
Certificate

Issuer

CN=u65ykrty

Not Before

28/01/2012, 05:39

Not After

31/12/2039, 23:59

Subject

CN=u65ykrty

Extended Key Usages

ExtKeyUsageCodeSigning

1b:8c:46:45:58:47:36:48:eb:5e:69:43:dd:82:bc:af:a9:c6:fe:ab
Signer

Actual PE Digest

1b:8c:46:45:58:47:36:48:eb:5e:69:43:dd:82:bc:af:a9:c6:fe:ab

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
VirtualAlloc
Module32Next
GlobalFindAtomA
FindFirstVolumeMountPointW
HeapLock
GetPrivateProfileSectionW
GetCommandLineW
LoadLibraryExA
PeekConsoleInputW
GetLogicalDriveStringsW
VerLanguageNameW
SetCommConfig
GetWindowsDirectoryW
CreatePipe
Sleep
GetConsoleScreenBufferInfo
GetFileAttributesExA
GetTempPathA
GetTempPathW
Module32FirstW
Process32FirstW
Heap32Next
RtlZeroMemory
SetSystemPowerState
WriteTapemark
RtlMoveMemory
GetCPInfoExW
GetPrivateProfileSectionNamesW
GetStringTypeExW
GetStringTypeA
_lclose
SetConsoleTitleW
CommConfigDialogW
GetAtomNameW
SetFileApisToANSI
FindFirstFileExA
LockFileEx
GetCPInfoExA
VirtualProtectEx
lstrcpynA
SetCommState
FindResourceExW
CancelWaitableTimer
WriteProfileSectionA
LocalShrink
GetProfileIntW
OpenThread
MoveFileWithProgressW
BindIoCompletionCallback
CreateMutexA
SignalObjectAndWait
OpenMutexA
WriteFileGather
GetConsoleAliasExesA
FlushInstructionCache
FileTimeToDosDateTime
GetThreadSelectorEntry
GetLongPathNameW
SetConsoleCursorInfo
Thread32Next
SetLocaleInfoA
LocalHandle
Process32Next
HeapCreate
ReadConsoleA
IsBadWritePtr
ScrollConsoleScreenBufferW
TlsAlloc
UpdateResourceW
BuildCommDCBA
GetBinaryTypeA
MultiByteToWideChar
UnmapViewOfFile
SetCurrentDirectoryW
RemoveDirectoryW
GlobalDeleteAtom
GetDriveTypeA
LeaveCriticalSection
CallNamedPipeA
VirtualQueryEx
VerifyVersionInfoW
FindNextVolumeA
FindFirstFileW
IsBadStringPtrA
GetSystemWindowsDirectoryW
CloseHandle
FileTimeToSystemTime
WritePrivateProfileStructA
lstrcmpW
GlobalFlags
SetConsoleOutputCP

user32

LoadIconW

advapi32

RegOpenKeyExW

shell32

SHGetDataFromIDListW
SHGetFileInfoW
DragQueryPoint
SHInvokePrinterCommandA
SHGetInstanceExplorer
Shell_NotifyIcon
SHFileOperation
SHEmptyRecycleBinA
ExtractIconExA
FindExecutableW
ExtractAssociatedIconExW
SHGetFileInfoA
SHCreateDirectoryExA
ShellExecuteExA
ShellExecuteA
WOWShellExecute
SHFormatDrive
SHBrowseForFolderA
CheckEscapesW
SHGetDesktopFolder
SHGetFolderLocation
CommandLineToArgvW
DragQueryFileA
DragQueryFileW
SHLoadInProc
ShellExecuteW
SHLoadNonloadedIconOverlayIdentifiers
DragFinish
SHGetPathFromIDList

shlwapi

SHRegEnumUSValueA
PathMakeSystemFolderA
PathSetDlgItemPathA
SHRegGetBoolUSValueW
SHRegSetUSValueW
SHRegWriteUSValueA
PathAddExtensionA
ord16
PathIsUNCA
SHSkipJunction
StrTrimW
UrlIsOpaqueA
PathFindExtensionA
PathRelativePathToA
PathIsUNCServerA
PathMatchSpecW
SHEnumValueW
SHSetThreadRef
SHRegEnumUSKeyA
PathAppendW
ColorAdjustLuma
UrlCanonicalizeA
SHStrDupW
StrToIntExW
wvnsprintfW
AssocQueryStringA
PathAddBackslashA
SHEnumKeyExA
PathRemoveArgsW
ChrCmpIA
SHGetInverseCMAP
PathSetDlgItemPathW
SHOpenRegStreamA
StrCSpnIW
PathAddExtensionW
PathGetDriveNumberW
PathIsSameRootW
StrPBrkA
PathIsDirectoryEmptyA
SHDeleteEmptyKeyA
PathCanonicalizeA
AssocQueryKeyW
PathUnquoteSpacesA
StrChrIW
wnsprintfW
StrCpyNW
StrCSpnW
StrToIntW
SHRegDeleteEmptyUSKeyW
PathRemoveBackslashA
PathIsLFNFileSpecA
PathCompactPathW
SHRegQueryUSValueA
SHIsLowMemoryMachine
UrlCombineA
PathFindFileNameA
PathIsUNCServerShareA
PathIsUNCServerShareW
SHRegWriteUSValueW
UrlCompareW
SHRegQueryInfoUSKeyW
StrRStrIA
PathIsContentTypeW
PathParseIconLocationA
StrStrA
PathGetDriveNumberA
PathGetArgsA
SHDeleteEmptyKeyW
SHRegOpenUSKeyA
StrToIntExA
UrlCreateFromPathW
PathUndecorateW
StrFromTimeIntervalW
StrRChrA
PathCombineA
PathIsSystemFolderW
SHRegDeleteUSValueW
StrCpyW
AssocQueryStringByKeyW
UrlCreateFromPathA
AssocQueryStringW
SHRegEnumUSValueW
SHGetValueW
PathIsDirectoryEmptyW
StrRStrIW
StrChrA
StrRChrIW
StrRChrIA
StrStrIW

Sections

.text
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text4
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9860d43dc08638f87731660529c9420

Code Sign

67:7b:0f:56:de:04:8d:a7:4e:a7:1f:99:23:cc:68:26Certificate

Extended Key Usages

1b:8c:46:45:58:47:36:48:eb:5e:69:43:dd:82:bc:af:a9:c6:fe:abSigner

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

Sections

.text Size: 309KB - Virtual size: 309KB

.data Size: 6KB - Virtual size: 5KB

.text4 Size: 1024B - Virtual size: 960B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

67:7b:0f:56:de:04:8d:a7:4e:a7:1f:99:23:cc:68:26
Certificate

1b:8c:46:45:58:47:36:48:eb:5e:69:43:dd:82:bc:af:a9:c6:fe:ab
Signer

.text
Size: 309KB - Virtual size: 309KB

.data
Size: 6KB - Virtual size: 5KB

.text4
Size: 1024B - Virtual size: 960B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB