fdf4c3a1824d23f3f199163a8495ce69_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fdf4c3a1824d23f3f199163a8495ce69_JaffaCakes118
Size

23KB
MD5

fdf4c3a1824d23f3f199163a8495ce69
SHA1

187cd26fedeadc7a148b23546d2b5bc3d91292ed
SHA256

05e65ef1defa88cdf57ade34910a52eca0fc8fcfc881e1ad76867060ad8a7d23
SHA512

ea740fedae68a62b2a550524433767c554312b9d37d8c6d4facf46bcdede9b6a48b0d245e9924a0c5d3a15ee2ac6280461525f45508ab080d27b9db8ea7fa4f5
SSDEEP

384:1DZEsDXBS4RupdKyqYDsDUXrKCtoErhcg7Rddn:BZzRStpnTsQGEt37RdZ

Score

1^/10

Malware Config

Signatures

Files

fdf4c3a1824d23f3f199163a8495ce69_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9cec985af4cc513849a70383d8c855a7

Code Sign

78:64:b8:3d:5e:1c:99:46:b0:af:fb:7b:34:75:94:ca
Certificate

Issuer

CN=55121212512

Not Before

14-02-2012 04:59

Not After

31-12-2039 23:59

Subject

CN=55121212512

Extended Key Usages

ExtKeyUsageCodeSigning

a4:b0:47:d7:38:9e:2b:72:81:9e:5c:e7:9f:ee:af:a1:80:37:fe:f4
Signer

Actual PE Digest

a4:b0:47:d7:38:9e:2b:72:81:9e:5c:e7:9f:ee:af:a1:80:37:fe:f4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAdjustment
GetSystemWindowsDirectoryA
GetVolumeNameForVolumeMountPointA
GetVolumePathNameA
GlobalAlloc
GlobalSize
Heap32ListNext
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapSize
IsValidCodePage
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadResource
LocalFree
LocalShrink
MoveFileWithProgressW
OpenFile
OpenFileMappingW
OpenMutexA
OpenMutexW
PeekNamedPipe
Process32FirstW
Process32NextW
QueryDosDeviceW
ReadConsoleOutputA
ReadConsoleOutputW
ReadFile
ReplaceFile
ResetEvent
GetSystemDirectoryW
SearchPathA
SetCommBreak
SetCommTimeouts
SetConsoleCP
SetConsoleMode
SetDefaultCommConfigW
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetHandleInformation
SetMessageWaitingIndicator
SetProcessShutdownParameters
SetThreadExecutionState
SetThreadIdealProcessor
SetVolumeMountPointA
SuspendThread
UnhandledExceptionFilter
UnregisterWaitEx
VerLanguageNameA
VerifyVersionInfoA
VirtualProtect
VirtualQuery
WaitCommEvent
WideCharToMultiByte
WriteConsoleW
WriteFileEx
WriteFileGather
WritePrivateProfileSectionA
WritePrivateProfileStringA
WritePrivateProfileStructW
WriteProfileStringW
_lcreat
GetStringTypeW
GetStdHandle
GetProfileSectionW
GetProcessVersion
GetProcessTimes
GetProcessHeaps
GetProcessHeap
GetPrivateProfileStructW
GetPrivateProfileSectionW
GetPrivateProfileIntW
GetPrivateProfileIntA
GetNumberOfConsoleMouseButtons
GetNamedPipeInfo
GetMailslotInfo
GetFileSize
GetFileInformationByHandle
GetFileAttributesW
GetFileAttributesA
GetExitCodeThread
GetEnvironmentVariableW
GetEnvironmentVariableA
GetDriveTypeW
GetDiskFreeSpaceW
GetDateFormatW
GetCurrencyFormatW
GetConsoleAliasesW
GetCommModemStatus
GetCommConfig
GetModuleHandleA
GetBinaryTypeW
GetBinaryType
GetAtomNameW
GetAtomNameA
FreeEnvironmentStringsW
FormatMessageW
FoldStringA
FlushInstructionCache
FindNextFileA
FindFirstFileW
FindCloseChangeNotification
FindClose
ExpandEnvironmentStringsW
ExitThread
EscapeCommFunction
EnumTimeFormatsW
EnumTimeFormatsA
EnumSystemLanguageGroupsW
EnumResourceNamesW
EnumLanguageGroupLocalesW
EnumCalendarInfoW
DosDateTimeToFileTime
DnsHostnameToComputerNameA
DisableThreadLibraryCalls
DeleteVolumeMountPointW
DeleteFileA
DeleteFiber
DefineDosDeviceA
CreateWaitableTimerW
CreateIoCompletionPort
CreateFileW
CreateFileMappingA
CreateDirectoryExA
CreateDirectoryA
CreateConsoleScreenBuffer
CopyFileA
ClearCommError
BuildCommDCBAndTimeoutsW
BeginUpdateResourceW
Beep
AllocConsole
GetProcAddress
ScrollConsoleScreenBufferW

msvcrt

memset

user32

LoadBitmapA

advapi32

RegOpenKeyExA
RegOpenKeyA

oleaut32

VarDateFromUdate
VarDateFromUdateEx
VarDecFromI1
VarDecFromI2
VarDecFromI4
VarDecInt
VarDecMul
VarDecNeg
VarDecRound
VarFormatCurrency
VarFormatDateTime
VarI1FromDisp
VarI1FromR4
VarI1FromUI1
VarI2FromDate
VarI2FromI1
VarI2FromUI1
VarI4FromCy
VarI4FromDate
VarI4FromI1
VarI4FromStr
VarI4FromUI2
VarI4FromUI4
VarIdiv
VarOr
VarR4CmpR8
VarR4FromDate
VarR4FromDec
VarR4FromDisp
VarR4FromI1
VarR4FromI2
VarR4FromR8
VarR4FromUI2
VarR4FromUI4
VarR8FromI2
VarR8FromR4
VarR8Pow
VarR8Round
VarRound
VarUI1FromBool
VarUI1FromDec
VarUI1FromR4
VarUI2FromCy
VarUI2FromDate
VarUI2FromDisp
VarUI2FromUI1
VarUI4FromBool
VarUI4FromCy
VarUI4FromI2
VarUI4FromI4
VarUI4FromR4
VarUI4FromStr
VariantChangeType
VariantTimeToDosDateTime
VectorFromBstr
VarDateFromR8
VarDateFromR4
VarDateFromI4
VarDateFromI2
VarDateFromCy
VarCySu
VarCyRound
VarCyMulI4
VarCyMul
VarCyInt
VarCyFromUI4
VarCyFromUI1
VarCyFromI1
VarCyFromDisp
VarCyFromDate
VarCyFix
VarCyCmpR8
VarCyCmp
VarCat
VarBstrFromR8
VarBstrFromR4
VarBstrFromI4
VarBstrFromDisp
VarBstrFromDec
VarBstrFromBool
VarBstrCat
VarBoolFromUI4
VarBoolFromUI2
VarBoolFromStr
VarBoolFromR8
VarBoolFromR4
VarBoolFromI4
VarBoolFromI2
VarBoolFromI1
VARIANT_UserSize
VARIANT_UserMarshal
UnRegisterTypeLi
SysStringByteLen
SysReAllocStringLen
SysFreeString
SafeArrayUnlock
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayGetElemsize
SafeArrayGetElement
SafeArrayDestroyData
SafeArrayCreateVector
SafeArrayAllocData
OleTranslateColor
OleSavePictureFile
OleLoadPictureFile
OleIconToCursor
OleCreatePropertyFrameIndirect
LoadTypeLibEx
LPSAFEARRAY_UserSize
LPSAFEARRAY_UserFree
LPSAFEARRAY_Size
LPSAFEARRAY_Marshal
GetErrorInfo
DosDateTimeToVariantTime
CreateStdDispatch
BstrFromVector
BSTR_UserUnmarshal
BSTR_UserSize
SafeArrayGetVartype

imm32

ImmCreateContext
ImmCreateSoftKeyboard
ImmDestroyContext
ImmDestroyIMCC
ImmDestroySoftKeyboard
ImmDisableIME
ImmEnumInputContext
ImmEnumRegisterWordW
ImmEscapeA
ImmEscapeW
ImmGenerateMessage
ImmGetCandidateListA
ImmGetCandidateListCountW
ImmGetCandidateWindow
ImmGetCompositionFontA
ImmGetCompositionFontW
ImmGetCompositionStringA
ImmGetCompositionStringW
ImmGetCompositionWindow
ImmGetContext
ImmGetConversionListA
ImmGetConversionListW
ImmGetConversionStatus
ImmGetDefaultIMEWnd
ImmGetDescriptionA
ImmGetDescriptionW
ImmGetGuideLineW
ImmGetHotKey
ImmGetIMCLockCount
ImmGetIMEFileNameA
ImmConfigureIMEW
ImmGetImeMenuItemsA
ImmGetImeMenuItemsW
ImmGetOpenStatus
ImmGetProperty
ImmGetRegisterWordStyleA
ImmGetRegisterWordStyleW
ImmGetStatusWindowPos
ImmInstallIMEA
ImmInstallIMEW
ImmIsIME
ImmIsUIMessageW
ImmLockIMC
ImmLockIMCC
ImmNotifyIME
ImmRegisterWordA
ImmRegisterWordW
ImmReleaseContext
ImmRequestMessageA
ImmRequestMessageW
ImmSetCandidateWindow
ImmSetCompositionFontA
ImmSetCompositionFontW
ImmSetCompositionStringA
ImmSetCompositionWindow
ImmSetConversionStatus
ImmSetHotKey
ImmSetOpenStatus
ImmSetStatusWindowPos
ImmShowSoftKeyboard
ImmSimulateHotKey
ImmConfigureIMEA
ImmGetIMEFileNameW
ImmUnlockIMC
ImmUnlockIMCC
ImmUnregisterWordA
ImmUnregisterWordW
ImmAssociateContext

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9cec985af4cc513849a70383d8c855a7

Code Sign

78:64:b8:3d:5e:1c:99:46:b0:af:fb:7b:34:75:94:caCertificate

Extended Key Usages

a4:b0:47:d7:38:9e:2b:72:81:9e:5c:e7:9f:ee:af:a1:80:37:fe:f4Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

oleaut32

imm32

Sections

.text Size: 8KB - Virtual size: 8KB

.text1 Size: 2KB - Virtual size: 1KB

.text2 Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 88B

.rsrc Size: 2KB - Virtual size: 1KB

78:64:b8:3d:5e:1c:99:46:b0:af:fb:7b:34:75:94:ca
Certificate

a4:b0:47:d7:38:9e:2b:72:81:9e:5c:e7:9f:ee:af:a1:80:37:fe:f4
Signer

.text
Size: 8KB - Virtual size: 8KB

.text1
Size: 2KB - Virtual size: 1KB

.text2
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 88B

.rsrc
Size: 2KB - Virtual size: 1KB