1742aa40e71ea397632faeb812134689_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1742aa40e71ea397632faeb812134689_JaffaCakes118
Size

70KB
MD5

1742aa40e71ea397632faeb812134689
SHA1

91d26b6679549f6c4d195bd92f34b717fb53136b
SHA256

0ab6a4d9321a9cbd08a7b0cdb8e9ba16fd47942b38b619ed7697b1b642081433
SHA512

52b74d7dfaa724becdbf6dbed11d1c52b1464611663fd4879893e1194a3ca72724bc17dc17351321c6ea374635091a6a39caea122f9e9273b675252f68cb2398
SSDEEP

768:Fn7GUaee3RVmnLZWt99V/y3KBB5I9DZWKY/k+AlRfYRIoYQDP3nmYflT/gAunO:te3MLUtYa5mVbUKfWIofUAu

Score

1^/10

Malware Config

Signatures

Files

1742aa40e71ea397632faeb812134689_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0051791d933edf2c1db79240779d436f

Code Sign

40:63:aa:a3:eb:98:8e:6e:b2:9a:f7:9e:a0:c1:93:33
Certificate

Issuer

CN=erqwerqwert23623

Not Before

05/03/2012, 06:09

Not After

31/12/2039, 23:59

Subject

CN=erqwerqwert23623

Extended Key Usages

ExtKeyUsageCodeSigning

e3:6b:05:a1:84:a2:7d:33:9e:14:41:72:65:78:b7:ae:6f:ee:fa:c1
Signer

Actual PE Digest

e3:6b:05:a1:84:a2:7d:33:9e:14:41:72:65:78:b7:ae:6f:ee:fa:c1

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
GetCommState
lstrcpyA
lstrlenA
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
CreateFileA
VirtualAlloc

user32

AllowSetForegroundWindow
AppendMenuW
CallMsgFilter
ChangeMenuW
CharToOemBuffW
CharUpperBuffA
CheckDlgButton
ChildWindowFromPoint
CopyAcceleratorTableA
CopyRect
CreateAcceleratorTableA
CreateDialogIndirectParamA
CreateDialogParamA
CreateIconIndirect
CreateWindowExA
DdeFreeStringHandle
DdeImpersonateClient
DdeNameService
DdeUninitialize
DefDlgProcA
DefDlgProcW
DeferWindowPos
DeleteMenu
DestroyMenu
DlgDirListComboBoxA
DlgDirSelectComboBoxExA
DrawAnimatedRects
DrawIconEx
DrawMenuBar
DrawStateA
DrawTextA
EnableMenuItem
EnumDisplayDevicesA
EnumDisplaySettingsA
ExitWindowsEx
FindWindowW
FlashWindowEx
FrameRect
GetClipboardData
GetClipboardFormatNameA
GetClipboardSequenceNumber
GetCursor
GetDlgItem
GetKeyboardLayoutNameA
GetKeyboardLayoutNameW
GetMenuCheckMarkDimensions
GetMenuItemID
GetMenuItemRect
GetMessageW
GetPriorityClipboardFormat
GetQueueStatus
GetShellWindow
GetTabbedTextExtentW
GetThreadDesktop
IMPSetIMEA
InvertRect
IsCharAlphaA
IsCharAlphaNumericA
LoadStringW
LookupIconIdFromDirectory
MonitorFromRect
MsgWaitForMultipleObjects
OemKeyScan
OemToCharBuffA
OffsetRect
OpenInputDesktop
OpenWindowStationA
PostThreadMessageA
RegisterClassA
RegisterDeviceNotificationA
RegisterDeviceNotificationW
RegisterHotKey
ReplyMessage
ScrollDC
SetMenuItemInfoA
SetMessageExtraInfo
SetScrollPos
SetUserObjectInformationW
SetWindowPos
SetWindowTextA
SetWindowsHookExW
TrackPopupMenu
UnhookWindowsHook
UnregisterClassA
VkKeyScanW
WINNLSEnableIME
WINNLSGetIMEHotkey
WindowFromDC
wvsprintfA

ole32

CLIPFORMAT_UserFree
CLIPFORMAT_UserSize
CoAddRefServerProcess
CoCancelCall
CoCreateGuid
CoCreateInstance
CoDosDateTimeToFileTime
CoGetCallContext
CoGetCallerTID
CoGetCancelObject
CoGetClassObject
CoGetCurrentProcess
CoGetInterfaceAndReleaseStream
CoGetObjectContext
CoGetPSClsid
CoGetStandardMarshal
CoGetTreatAsClass
CoInitialize
CoLoadLibrary
CoQueryClientBlanket
CoRegisterPSClsid
CoResumeClassObjects
CoRevokeClassObject
CoSetCancelObject
CoSetProxyBlanket
CoSuspendClassObjects
CoUnmarshalHresult
CreateDataAdviseHolder
CreateDataCache
CreateILockBytesOnHGlobal
CreateStdProgressIndicator
EnableHookObject
FmtIdToPropStgName
HACCEL_UserMarshal
HACCEL_UserUnmarshal
HBRUSH_UserFree
HBRUSH_UserSize
HBRUSH_UserUnmarshal
HDC_UserFree
HENHMETAFILE_UserFree
HGLOBAL_UserMarshal
HICON_UserMarshal
HICON_UserSize
HICON_UserUnmarshal
HMETAFILE_UserMarshal
HMETAFILE_UserSize
HMETAFILE_UserUnmarshal
HPALETTE_UserFree
HPALETTE_UserSize
MonikerRelativePathTo
OleConvertIStorageToOLESTREAM
OleConvertIStorageToOLESTREAMEx
OleCreateDefaultHandler
OleCreateFromFile
OleCreateFromFileEx
OleCreateStaticFromData
OleDuplicateData
OleGetIconOfClass
OleInitializeWOW
OleIsCurrentClipboard
OleLoad
OleLockRunning
OleRegEnumVerbs
OleRun
OleSetAutoConvert
OleSetMenuDescriptor
PropStgNameToFmtId
ReadFmtUserTypeStg
SNB_UserFree
SNB_UserUnmarshal
SetDocumentBitStg
StgConvertVariantToProperty
StgCreatePropStg
StgGetIFillLockBytesOnILockBytes
StgIsStorageFile
StgIsStorageILockBytes
StgOpenStorageEx
StgOpenStorageOnILockBytes
StringFromIID
UtConvertDvtd32toDvtd16
WdtpInterfacePointer_UserFree

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0051791d933edf2c1db79240779d436f

Code Sign

40:63:aa:a3:eb:98:8e:6e:b2:9a:f7:9e:a0:c1:93:33Certificate

Extended Key Usages

e3:6b:05:a1:84:a2:7d:33:9e:14:41:72:65:78:b7:ae:6f:ee:fa:c1Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 980B

.text Size: 56KB - Virtual size: 55KB

.text2 Size: 1024B - Virtual size: 800B

.reloc Size: 1KB - Virtual size: 1KB

40:63:aa:a3:eb:98:8e:6e:b2:9a:f7:9e:a0:c1:93:33
Certificate

e3:6b:05:a1:84:a2:7d:33:9e:14:41:72:65:78:b7:ae:6f:ee:fa:c1
Signer

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 980B

.text
Size: 56KB - Virtual size: 55KB

.text2
Size: 1024B - Virtual size: 800B

.reloc
Size: 1KB - Virtual size: 1KB