0d6d66bb9a53260cfc4758f7bd66521e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0d6d66bb9a53260cfc4758f7bd66521e_JaffaCakes118
Size

203KB
MD5

0d6d66bb9a53260cfc4758f7bd66521e
SHA1

89242783df3cf6984b6c9e14431b032ca6ce904a
SHA256

feefc15a1fd99883a8ab15255315797d76e7bdfd72f8a377e62087cfe245497b
SHA512

ffdd881a82931f580400ab5ecfc986bef1fce86ba40b78c5bc960fdfe74ca851832e2666d50f9c1154043c2d260c1a25a45476a0396f32a9cd71b2dd62064c05
SSDEEP

6144:TPkUpSa2l4ZITThYyRb9/K2IPFsIjp04:rkUpnIR//KT3j

Score

1^/10

Malware Config

Signatures

Files

0d6d66bb9a53260cfc4758f7bd66521e_JaffaCakes118
.dll windows:5 windows x86 arch:x86

cd5fc37626be115bdae0bbf4bf725f5d

Code Sign

51:58:4f:24:8d:a8:48:41:bb:97:df:9f:a7:44:ce:9c
Certificate

Issuer

CN=oCa3Pc5NCgcd

Not Before

16-03-2012 08:46

Not After

31-12-2039 23:59

Subject

CN=oCa3Pc5NCgcd

Extended Key Usages

ExtKeyUsageCodeSigning

9c:0c:f9:e4:0a:da:92:3c:a1:41:0c:a4:87:23:74:b4:7f:08:f3:27
Signer

Actual PE Digest

9c:0c:f9:e4:0a:da:92:3c:a1:41:0c:a4:87:23:74:b4:7f:08:f3:27

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
lstrcpyA
CreateFileA
ExitProcess
GetWindowsDirectoryA
VirtualAlloc

user32

CascadeChildWindows
CharUpperA
DrawTextExW
EnableMenuItem
EnumDisplaySettingsW
GetDlgItemTextA
GetMenuItemInfoW
GetSystemMenu
GrayStringW
LoadMenuW
PostMessageA
RegisterClassW
TrackPopupMenu
UnregisterClassW
CharLowerBuffW

comdlg32

ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
FindTextA
CommDlgExtendedError
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA

advapi32

RegOpenKeyW

ole32

OleDraw
OleDuplicateData
OleGetClipboard
OleInitialize
OleInitializeWOW
OleLoad
OleUninitialize
ProgIDFromCLSID
PropStgNameToFmtId
ReadClassStg
ReadOleStg
RegisterDragDrop
ReleaseStgMedium
SNB_UserMarshal
STGMEDIUM_UserMarshal
StgCreateDocfileOnILockBytes
StgCreatePropSetStg
StgGetIFillLockBytesOnILockBytes
StgOpenPropStg
StgSetTimes
UpdateDCOMSettings
WriteClassStg
WriteClassStm
WriteFmtUserTypeStg
WriteOleStg
HMETAFILE_UserFree
HMENU_UserMarshal
HGLOBAL_UserFree
HENHMETAFILE_UserUnmarshal
HENHMETAFILE_UserMarshal
HDC_UserUnmarshal
HDC_UserFree
OleDoAutoConvert
HACCEL_UserUnmarshal
GetHGlobalFromILockBytes
GetDocumentBitStg
GetConvertStg
GetClassFile
EnableHookObject
CreatePointerMoniker
CreateOleAdviseHolder
CreateILockBytesOnHGlobal
CreateAntiMoniker
CoUnmarshalInterface
CoUninitialize
CoTestCancel
CoSwitchCallContext
CoResumeClassObjects
CoReleaseServerProcess
CoImpersonateClient
CoGetTreatAsClass
CoGetStdMarshalEx
CoGetInstanceFromIStorage
CoGetCurrentLogicalThreadId
CoGetClassObject
CoGetCancelObject
CoGetCallerTID
CoGetCallContext
CoFreeLibrary
CoFreeAllLibraries
CoCreateInstance
CoCreateGuid
CoCancelCall
CoBuildVersion
CLSIDFromString
CLIPFORMAT_UserUnmarshal
BindMoniker
OleCreateStaticFromData
OleCreateMenuDescriptor
OleCreateLinkToFileEx
OleCreateLinkFromDataEx
OleCreateLinkEx
OleCreateFromFileEx
OleCreateFromDataEx
OleCreateFromData
OleConvertIStorageToOLESTREAMEx
HMETAFILE_UserMarshal
MkParseDisplayName
HWND_UserFree
HPALETTE_UserSize
HPALETTE_UserMarshal
HBRUSH_UserUnmarshal
HPALETTE_UserFree
OleConvertIStorageToOLESTREAM

comctl32

CreatePropertySheetPageA
CreatePropertySheetPageW
CreateStatusWindow
ord6
ord7
_TrackMouseEvent
UninitializeFlatSB
ord3
PropertySheetW
PropertySheetA
PropertySheet
ord2
ord13
InitializeFlatSB
InitMUILanguage
InitCommonControlsEx
ord17
ImageList_Write
ImageList_SetImageCount
ImageList_SetIconSize
ImageList_SetFilter
CreatePropertySheetPage
ord15
DrawStatusText
DrawStatusTextW
FlatSB_EnableScrollBar
FlatSB_GetScrollInfo
FlatSB_GetScrollRange
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_SetScrollProp
FlatSB_ShowScrollBar
ord4
GetMUILanguage
ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragLeave
ImageList_DragMove
ImageList_Draw
ord8
CreateToolbarEx
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Remove
ImageList_Merge
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_LoadImage
ImageList_GetImageInfo
ImageList_GetIconSize
ImageList_GetBkColor
ImageList_EndDrag
ImageList_DrawIndirect
ImageList_DrawEx

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text3
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd5fc37626be115bdae0bbf4bf725f5d

Code Sign

51:58:4f:24:8d:a8:48:41:bb:97:df:9f:a7:44:ce:9cCertificate

Extended Key Usages

9c:0c:f9:e4:0a:da:92:3c:a1:41:0c:a4:87:23:74:b4:7f:08:f3:27Signer

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

ole32

comctl32

Sections

.text Size: 188KB - Virtual size: 188KB

.data Size: 512B - Virtual size: 88B

.text4 Size: 1024B - Virtual size: 1000B

.text3 Size: 2KB - Virtual size: 2KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

51:58:4f:24:8d:a8:48:41:bb:97:df:9f:a7:44:ce:9c
Certificate

9c:0c:f9:e4:0a:da:92:3c:a1:41:0c:a4:87:23:74:b4:7f:08:f3:27
Signer

.text
Size: 188KB - Virtual size: 188KB

.data
Size: 512B - Virtual size: 88B

.text4
Size: 1024B - Virtual size: 1000B

.text3
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB