0798e5d9817bfe72621e4c37b15ba091_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0798e5d9817bfe72621e4c37b15ba091_JaffaCakes118
Size

214KB
MD5

0798e5d9817bfe72621e4c37b15ba091
SHA1

ebf96934b83bdb30bf2f5ac9034cd1584c07585c
SHA256

5bcc5bae1cd8db0b779afc4b02b9ca58cfb4f3222c2df0d02d4454cff2483a6e
SHA512

69cb2e40a78d0a2c4ccb1cfe8a8aabe30ed37644e3fc0fb641d2ace97e00207e8358a95fbd9d5eedb881be37475d623681b3694caa7c3d1fdc21870c2c5bf88c
SSDEEP

6144:EBWqAmKMlHpNceVIUtuGahHfwsrbshqbocmOWvhcB:/qAmKMlkeVLm5fhrgd/Bhq

Score

1^/10

Malware Config

Signatures

Files

0798e5d9817bfe72621e4c37b15ba091_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a35af529b86e6e62523e677f1eb58abb

Code Sign

28:20:01:7a:4a:72:db:56:b8:ce:01:c6:34:c1:d6:e9
Certificate

Issuer

CN=eryer

Not Before

05/02/2012, 09:13

Not After

31/12/2039, 23:59

Subject

CN=eryer

Extended Key Usages

ExtKeyUsageCodeSigning

8f:2e:5a:67:94:81:6b:84:e1:e5:61:a2:f9:25:95:91:89:6b:17:bd
Signer

Actual PE Digest

8f:2e:5a:67:94:81:6b:84:e1:e5:61:a2:f9:25:95:91:89:6b:17:bd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetWindowsDirectoryW
lstrcatW
CreateFileW
GetSystemInfo
GetProcessHeap

msvcrt

memset

user32

DefDlgProcA
DefFrameProcA
DefMDIChildProcW
DlgDirListW
DlgDirSelectExW
DrawFrameControl
DrawStateW
EnumDesktopsW
EnumPropsW
EnumWindowStationsA
FillRect
FindWindowExW
GetAltTabInfoW
GetClassInfoA
GetClassInfoExA
GetClipCursor
GetClipboardData
GetComboBoxInfo
GetCursor
GetDCEx
GetGuiResources
GetKeyboardLayoutList
GetKeyboardState
GetMenuCheckMarkDimensions
GetMenuItemInfoA
GetMenuStringA
GetMenuStringW
GetMessageA
GetWindowLongW
GetWindowModuleFileName
GetWindowModuleFileNameW
IMPSetIMEW
DdeUninitialize
InflateRect
InvalidateRect
IsCharUpperW
IsDialogMessage
IsDialogMessageA
IsDialogMessageW
LoadAcceleratorsA
LoadBitmapA
LoadCursorA
LoadCursorFromFileA
LoadIconW
LoadMenuW
MonitorFromRect
OffsetRect
OpenClipboard
OpenDesktopW
OpenIcon
PackDDElParam
RealGetWindowClassW
RegisterClassW
RemovePropA
SendIMEMessageExW
SendMessageTimeoutA
SetCaretBlinkTime
SetClipboardData
SetDeskWallpaper
SetMenuItemBitmaps
SetMenuItemInfoA
SetScrollPos
SetUserObjectInformationA
SetWindowContextHelpId
SetWindowPos
SetWindowTextA
SetWindowsHookExA
SetWindowsHookExW
UnregisterClassW
UserHandleGrantAccess
ValidateRect
VkKeyScanExW
DdeSetQualityOfService
DdeReconnect
DdeNameService
DdeGetLastError
DdeFreeDataHandle
DdeCreateStringHandleW
DdeConnectList
DdeClientTransaction
CreateWindowExA
CreatePopupMenu
CreateMDIWindowW
CreateDesktopW
CloseWindowStation
ChildWindowFromPointEx
CheckMenuRadioItem
CharToOemBuffA
ChangeDisplaySettingsExA
AttachThreadInput
AllowSetForegroundWindow
InSendMessage

comdlg32

ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
ChooseColorA

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a35af529b86e6e62523e677f1eb58abb

Code Sign

28:20:01:7a:4a:72:db:56:b8:ce:01:c6:34:c1:d6:e9Certificate

Extended Key Usages

8f:2e:5a:67:94:81:6b:84:e1:e5:61:a2:f9:25:95:91:89:6b:17:bdSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

comdlg32

Sections

.text Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 484B

.text2 Size: 197KB - Virtual size: 196KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

28:20:01:7a:4a:72:db:56:b8:ce:01:c6:34:c1:d6:e9
Certificate

8f:2e:5a:67:94:81:6b:84:e1:e5:61:a2:f9:25:95:91:89:6b:17:bd
Signer

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 484B

.text2
Size: 197KB - Virtual size: 196KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB