f81e4d78835ab815acad0a4538c3854e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f81e4d78835ab815acad0a4538c3854e_JaffaCakes118
Size

292KB
MD5

f81e4d78835ab815acad0a4538c3854e
SHA1

563c14cbc36b2c5eb9c3e339bd22af09f8f671ca
SHA256

0aa46a094ca80aefed6ba9300b5eecbf6cd731fd16f32df6823415a43e5a0ca3
SHA512

ada59f9c7b92776339022f7cbb467f4d3cb5d129a2dadaa4927848cf75022dcc4bd033615ed1c5494c7faf88a60ce97f4290eb10e597f3451b3ecdc2e3834ca7
SSDEEP

6144:IXNlvdqWLqOKf/B5RyaynzgvGq6JhW7VQgtm0DTHU8:IXN/zLW/B5YzFHitmA/

Score

1^/10

Malware Config

Signatures

Files

f81e4d78835ab815acad0a4538c3854e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3049c6c8c61f31733f57afa91aa73f29

Code Sign

55:58:79:8b:5b:cd:39:61:b0:28:04:21:04:86:2e:4a
Certificate

Issuer

CN=36262356236

Not Before

10/02/2012, 10:35

Not After

31/12/2039, 23:59

Subject

CN=36262356236

Extended Key Usages

ExtKeyUsageCodeSigning

3e:7e:8a:41:ed:bc:e6:46:cb:5f:ec:1a:0e:d6:c3:9c:ce:fd:5b:57
Signer

Actual PE Digest

3e:7e:8a:41:ed:bc:e6:46:cb:5f:ec:1a:0e:d6:c3:9c:ce:fd:5b:57

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
lstrlenA
lstrcpyA
CreateFileA

user32

SetLastErrorEx
MessageBoxA
ChangeMenuW
IsRectEmpty
DefMDIChildProcW
CloseClipboard
GetListBoxInfo
SetFocus
InsertMenuW
GetWindowTextA
IsCharAlphaA
GetThreadDesktop
GetMenuContextHelpId
GetDesktopWindow
DestroyMenu
GetClassNameW
GetTabbedTextExtentW
GetMessageTime
MessageBeep
LoadKeyboardLayoutW
SetProcessWindowStation
InSendMessageEx
RegisterWindowMessageA
IsChild
CopyRect
DestroyWindow
FindWindowExW
WinHelpW
GrayStringA
GetCaretPos
RegisterDeviceNotificationA
RealGetWindowClass
SendMessageA
GetMenuCheckMarkDimensions
CreateWindowExW
GetIconInfo
wvsprintfW
ValidateRect
InflateRect
LoadCursorFromFileA
DefFrameProcA
LoadKeyboardLayoutA
CopyIcon
DdeFreeDataHandle
OemToCharA
DialogBoxParamA
SetWindowWord
RemoveMenu
DdeGetLastError
GetMenu
CreateCaret
GetMessageA
GetDoubleClickTime
SendIMEMessageExW
CascadeChildWindows
GetKeyboardLayoutNameW
EndDeferWindowPos
SetCapture
ChangeDisplaySettingsW
DdeClientTransaction
wvsprintfA
GetTabbedTextExtentA
SetDeskWallpaper
UnionRect
GetWindowRect
GetSysColorBrush
IsDialogMessageA
BroadcastSystemMessage
TabbedTextOutW
CreateDialogParamA
DdeAccessData
RegisterClipboardFormatA
ScrollDC
CreateAcceleratorTableW
KillTimer
SendMessageTimeoutA
SetWindowsHookExA
ChangeDisplaySettingsExA
SetScrollInfo
OemKeyScan
HideCaret
EnumThreadWindows
MessageBoxIndirectA
DrawMenuBar
CreateDialogIndirectParamA
EnumWindowStationsA
DdeInitializeW
GetMouseMovePointsEx
ValidateRgn
GetWindowTextW
GetClassNameA
DestroyIcon
ClipCursor
GetWindowModuleFileName

comdlg32

ReplaceTextW
FindTextA
ChooseColorA
GetFileTitleW
GetSaveFileNameA
PrintDlgExW
PrintDlgExA
GetOpenFileNameA
GetSaveFileNameW
PrintDlgW
GetOpenFileNameW
PageSetupDlgA
ChooseColorW
CommDlgExtendedError
ChooseFontA
ReplaceTextA
FindTextW
PrintDlgA
ChooseFontW
GetFileTitleA
PageSetupDlgW

comctl32

ImageList_Draw
ImageList_EndDrag
ImageList_GetIcon
DrawStatusText
ord16
ord5
ImageList_Create
ImageList_Add
ImageList_SetBkColor
InitializeFlatSB
CreatePropertySheetPage
FlatSB_EnableScrollBar
ImageList_DragLeave
ord13
ImageList_BeginDrag
ImageList_DrawEx
ImageList_SetFilter
InitCommonControlsEx
GetMUILanguage
FlatSB_GetScrollProp
ImageList_GetImageInfo
FlatSB_GetScrollRange
ImageList_AddIcon
ord3
ImageList_GetBkColor
ImageList_DragMove
ImageList_SetImageCount
ImageList_SetOverlayImage
InitMUILanguage
ImageList_Copy
ImageList_LoadImageA
CreatePropertySheetPageA
ImageList_Replace
CreateToolbarEx
ImageList_SetIconSize
ImageList_GetDragImage
ImageList_DragEnter
ImageList_LoadImage
ImageList_Write
ord8
FlatSB_SetScrollRange
FlatSB_GetScrollInfo
CreatePropertySheetPageW
ImageList_DrawIndirect
ord4
PropertySheetW
ImageList_Duplicate
ImageList_GetImageRect
FlatSB_SetScrollInfo
ImageList_AddMasked
DrawStatusTextW
ImageList_Destroy

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textF
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textF1
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.texth
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3049c6c8c61f31733f57afa91aa73f29

Code Sign

55:58:79:8b:5b:cd:39:61:b0:28:04:21:04:86:2e:4aCertificate

Extended Key Usages

3e:7e:8a:41:ed:bc:e6:46:cb:5f:ec:1a:0e:d6:c3:9c:ce:fd:5b:57Signer

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

comctl32

Sections

.text Size: 3KB - Virtual size: 3KB

.textF Size: 1024B - Virtual size: 1000B

.textF1 Size: 273KB - Virtual size: 273KB

.texth Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

55:58:79:8b:5b:cd:39:61:b0:28:04:21:04:86:2e:4a
Certificate

3e:7e:8a:41:ed:bc:e6:46:cb:5f:ec:1a:0e:d6:c3:9c:ce:fd:5b:57
Signer

.text
Size: 3KB - Virtual size: 3KB

.textF
Size: 1024B - Virtual size: 1000B

.textF1
Size: 273KB - Virtual size: 273KB

.texth
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB