14d65a0337c9ad1edd678d5770c8dac4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14d65a0337c9ad1edd678d5770c8dac4_JaffaCakes118
Size

55KB
MD5

14d65a0337c9ad1edd678d5770c8dac4
SHA1

2e8ed92b6a7f8da40bcf47c7906f120893c5267c
SHA256

0fe5d1fe0bf8c5758eacaed734b84a9a89417a9250d01a1d39eda9574100f97d
SHA512

1f52a982714ee38f56d7353c6081987bcab42cf667bd504b31634e91b6ef92ad3ec5471ceac2f1ebaa6f732598dc5c426fd1056ea15c6ccef00c1a52e98af366
SSDEEP

768:sG2Kon9PUEycQaUQClLhZ2kyBBnHSDgZJ6GjssO+wcSDPnGMEaOip4K:sGtonKUQaUj3YkAUgZLGDvlEY

Score

1^/10

Malware Config

Signatures

Files

14d65a0337c9ad1edd678d5770c8dac4_JaffaCakes118
.dll windows:5 windows x86 arch:x86

13ad15ef2afd0a1ffbf1e1f97761291f

Code Sign

6f:d3:14:21:fd:4c:bd:77:b1:80:da:40:55:e1:f4:75
Certificate

Issuer

CN=etyy inc

Not Before

22/01/2012, 08:05

Not After

31/12/2039, 23:59

Subject

CN=etyy inc

Extended Key Usages

ExtKeyUsageCodeSigning

55:c4:b7:10:62:03:f1:ba:e0:7f:6d:83:12:1a:4e:61:6a:71:2b:b9
Signer

Actual PE Digest

55:c4:b7:10:62:03:f1:ba:e0:7f:6d:83:12:1a:4e:61:6a:71:2b:b9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileW
lstrcatW
GetWindowsDirectoryW
GetProcessHeap
LoadLibraryA
GetProcAddress
GetSystemInfo
AddAtomW
BackupSeek
CancelWaitableTimer
CompareStringW
CopyFileExW
CreateDirectoryExA
CreateFileA
CreateHardLinkW
CreateNamedPipeA
CreatePipe
DebugBreak
DefineDosDeviceA
DeleteFileA
DnsHostnameToComputerNameW
EnumCalendarInfoA
EnumResourceLanguagesA
FileTimeToDosDateTime
FillConsoleOutputCharacterW
FindFirstChangeNotificationW
FindFirstFileExW
FindNextChangeNotification
FindNextVolumeA
FindVolumeMountPointClose
FlushConsoleInputBuffer
GetCPInfoExW
GetCommProperties
GetCommandLineA
GetCompressedFileSizeA
GetConsoleAliasW
GetConsoleAliasesA
GetConsoleCP
GetConsoleDisplayMode
GetConsoleTitleW
GetCurrencyFormatA
GetCurrentProcess
GetCurrentThread
GetDiskFreeSpaceW
GetFileSizeEx
GetFullPathNameA
GetLocaleInfoW
GetLogicalDriveStringsA
GetModuleHandleW
GetNumberFormatA
GetPrivateProfileSectionA
GetPrivateProfileStringA
GetProcessHeaps
GetProcessTimes
GetProfileIntW
GetSystemDefaultLangID
GetSystemTimeAdjustment
GetSystemWindowsDirectoryW
GetTimeZoneInformation
GetUserDefaultUILanguage
GetVolumeNameForVolumeMountPointW
GlobalMemoryStatusEx
GlobalReAlloc
GlobalSize
HeapDestroy
InitAtomTable
InitializeCriticalSection
IsBadHugeReadPtr
IsDebuggerPresent
IsSystemResumeAutomatic
LocalShrink
MapUserPhysicalPagesScatter
Module32NextW
MoveFileA
MoveFileExW
OpenProcess
OpenSemaphoreA
PeekConsoleInputA
PeekNamedPipe
PurgeComm
ReadDirectoryChangesW
ReadFileEx
ReplaceFile
SetConsoleCursorInfo
SetConsoleScreenBufferSize
SetEnvironmentVariableA
SetEvent
SetFileAttributesA
SetSystemPowerState
SetThreadLocale
SwitchToThread
TerminateThread
TlsSetValue
TryEnterCriticalSection
VerLanguageNameW
VirtualProtect
WaitNamedPipeA
WritePrivateProfileSectionW
lstrcmpi
lstrcpynW

user32

AdjustWindowRect
AnyPopup
BringWindowToTop
CharPrevW
CharToOemBuffA
ClientToScreen
CreateDesktopA
CreateDesktopW
CreateMDIWindowW
CreateWindowExW
DdeCmpStringHandles
DdeQueryStringW
DdeSetUserHandle
DefFrameProcA
DeferWindowPos
DialogBoxIndirectParamA
DlgDirSelectComboBoxExW
DragDetect
DragObject
DrawFrameControl
DrawStateA
EnableMenuItem
EnableScrollBar
EnumDisplaySettingsExA
EnumDisplaySettingsW
EnumWindowStationsA
FindWindowA
GetAncestor
GetClassInfoExA
GetClassInfoW
GetClassLongA
GetClassNameW
GetClipboardFormatNameW
GetDC
GetDialogBaseUnits
GetDlgItem
GetIconInfo
GetKeyNameTextA
GetMenuItemRect
GetNextDlgTabItem
GetUpdateRect
GetWindow
GetWindowLongW
GetWindowModuleFileNameA
GetWindowPlacement
GetWindowRgn
GetWindowThreadProcessId
GetWindowWord
GrayStringA
HideCaret
IMPGetIMEA
InternalGetWindowText
InvalidateRect
IsCharUpperA
IsDialogMessageW
IsWindowUnicode
LoadBitmapA
LoadCursorA
LoadIconA
LoadKeyboardLayoutW
LockWindowUpdate
MapVirtualKeyExW
ModifyMenuW
MsgWaitForMultipleObjectsEx
OpenDesktopA
RegisterDeviceNotificationA
ReuseDDElParam
ScrollWindow
SendDlgItemMessageW
SendIMEMessageExW
SendMessageCallbackA
SendNotifyMessageW
SetClassLongA
SetClipboardData
SetDoubleClickTime
SetFocus
SetForegroundWindow
SetLastErrorEx
SetMessageExtraInfo
SetRect
SetScrollPos
SetThreadDesktop
SetTimer
SetUserObjectSecurity
SetWindowLongW
ShowWindowAsync
SubtractRect
SwitchToThisWindow
TabbedTextOutA
TrackPopupMenu
UnloadKeyboardLayout
mouse_event

ole32

BindMoniker
CLIPFORMAT_UserMarshal
CLIPFORMAT_UserSize
CLIPFORMAT_UserUnmarshal
CoAddRefServerProcess
CoAllowSetForegroundWindow
CoCancelCall
CoFileTimeNow
CoFreeAllLibraries
CoGetCallContext
CoGetCancelObject
CoGetCurrentLogicalThreadId
CoGetCurrentProcess
CoGetInterfaceAndReleaseStream
CoIsOle1Class
CoLockObjectExternal
CoMarshalHresult
CoMarshalInterface
CoQueryProxyBlanket
CoReactivateObject
CoRegisterClassObject
CoRegisterMessageFilter
CoRegisterSurrogate
CoRegisterSurrogateEx
CoRevokeMallocSpy
CoSetCancelObject
CoTreatAsClass
CoUnmarshalInterface
CoWaitForMultipleHandles
CreateAntiMoniker
CreateClassMoniker
CreateFileMoniker
CreateILockBytesOnHGlobal
DllDebugObjectRPCHook
FreePropVariantArray
GetConvertStg
GetHGlobalFromStream
HACCEL_UserMarshal
HACCEL_UserUnmarshal
HBITMAP_UserFree
HBITMAP_UserMarshal
HBITMAP_UserSize
HBITMAP_UserUnmarshal
HBRUSH_UserUnmarshal
HDC_UserUnmarshal
HGLOBAL_UserFree
HICON_UserUnmarshal
HMETAFILE_UserMarshal
HMETAFILE_UserUnmarshal
HPALETTE_UserUnmarshal
HWND_UserUnmarshal
MkParseDisplayName
MonikerCommonPrefixWith
OleCreateDefaultHandler
OleCreateEx
OleCreateFromData
OleCreateFromFileEx
OleCreateLinkEx
OleCreateLinkToFileEx
OleCreateMenuDescriptor
OleGetAutoConvert
OleGetClipboard
OleInitializeWOW
OleLoad
OleQueryCreateFromData
OleRegEnumVerbs
OleSave
OleSetMenuDescriptor
OleTranslateAccelerator
OleUninitialize
OpenOrCreateStream
ReadClassStg
RegisterDragDrop
SNB_UserMarshal
SNB_UserUnmarshal
STGMEDIUM_UserMarshal
StgCreateDocfile
StgCreateStorageEx
StgOpenStorageOnILockBytes
UpdateDCOMSettings
WdtpInterfacePointer_UserFree
WriteClassStg
WriteStringStream

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13ad15ef2afd0a1ffbf1e1f97761291f

Code Sign

6f:d3:14:21:fd:4c:bd:77:b1:80:da:40:55:e1:f4:75Certificate

Extended Key Usages

55:c4:b7:10:62:03:f1:ba:e0:7f:6d:83:12:1a:4e:61:6a:71:2b:b9Signer

Headers

File Characteristics

Imports

kernel32

user32

ole32

Sections

.text Size: 33KB - Virtual size: 32KB

.data Size: 512B - Virtual size: 540B

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 2KB - Virtual size: 1KB

6f:d3:14:21:fd:4c:bd:77:b1:80:da:40:55:e1:f4:75
Certificate

55:c4:b7:10:62:03:f1:ba:e0:7f:6d:83:12:1a:4e:61:6a:71:2b:b9
Signer

.text
Size: 33KB - Virtual size: 32KB

.data
Size: 512B - Virtual size: 540B

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 2KB - Virtual size: 1KB