19001bf9f0141bb2c43a83d700d2863b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

19001bf9f0141bb2c43a83d700d2863b_JaffaCakes118
Size

37KB
MD5

19001bf9f0141bb2c43a83d700d2863b
SHA1

82e8cb3fb700689596f5f7db63eb9979c94a783c
SHA256

116652f7785adcd3e2eed3ce79e1b522f6f14b07903955580f3172e07a6dc4cb
SHA512

3a7673b8161ef6dae678a788fed6f9db8f2bf463e7c733b655052331ff4f53e0b8dc0c5c1f85d8a0a5a763099ebeb3d63e866c49dde498ac2dc3321b5a65c67b
SSDEEP

768:INfIBNi1jWDPi8Ya6djh2lqo3Lm0mr0JBo:agbtDPi9D2lqo3C34Q

Score

1^/10

Malware Config

Signatures

Files

19001bf9f0141bb2c43a83d700d2863b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b3cb79dfba04bc5c340953a1c8decded

Code Sign

04:50:e5:2a:1c:86:e5:63:b4:5d:25:7b:f1:42:28:d5
Certificate

Issuer

CN=etvwberuyn568

Not Before

18/01/2012, 07:47

Not After

31/12/2039, 23:59

Subject

CN=etvwberuyn568

Extended Key Usages

ExtKeyUsageCodeSigning

fb:18:ec:54:28:ea:84:34:cf:dd:f6:3e:85:ff:89:a2:ab:cc:60:b8
Signer

Actual PE Digest

fb:18:ec:54:28:ea:84:34:cf:dd:f6:3e:85:ff:89:a2:ab:cc:60:b8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
ExitProcess
VirtualAlloc

user32

DrawTextA
DrawStateA
DlgDirSelectExA
DialogBoxIndirectParamA
DefMDIChildProcA
DdeInitializeA
DdeImpersonateClient
DdeAccessData
CreateIconFromResource
CreateDesktopA
CopyImage
CopyIcon
CloseClipboard
ClientToScreen
CharPrevA
CharLowerW
ChangeMenuW
ChangeClipboardChain
CascadeChildWindows
CallMsgFilter
BringWindowToTop
AdjustWindowRectEx
ActivateKeyboardLayout
EmptyClipboard
EnableScrollBar
EnumDisplayDevicesW
EnumDisplaySettingsW
EnumWindows
GetActiveWindow
GetClipCursor
GetClipboardData
GetClipboardFormatNameA
GetComboBoxInfo
GetKeyNameTextA
GetKeyNameTextW
GetMenuItemCount
GetMenuItemInfoW
GetMenuStringW
GetNextDlgGroupItem
GetProcessDefaultLayout
GetProcessWindowStation
GetWindowLongW
GetWindowThreadProcessId
InsertMenuA
InternalGetWindowText
IsDialogMessage
IsDialogMessageA
IsDlgButtonChecked
IsWindow
LoadKeyboardLayoutA
LoadStringW
MessageBeep
MessageBoxExA
MessageBoxExW
MonitorFromPoint
OemToCharA
OpenDesktopW
PostThreadMessageA
RegisterClipboardFormatA
ReleaseCapture
ReplyMessage
ScrollDC
SendDlgItemMessageW
SendMessageTimeoutW
SetClassLongA
SetClipboardViewer
SetDebugErrorLevel
SetDlgItemInt
SetLastErrorEx
SetMenuInfo
SetProcessWindowStation
SetPropW
SetRectEmpty
SetWinEventHook
SetWindowContextHelpId
SetWindowTextA
ToUnicodeEx
TranslateMessage
UnloadKeyboardLayout
UnregisterHotKey
wvsprintfA
wsprintfW
wsprintfA
WinHelpW
WinHelpA
WINNLSGetEnableStatus
VkKeyScanExA
ValidateRgn
UpdateWindow

gdi32

CreateMetaFileW
CreateMetaFileA
CreatePolyPolygonRgn
CreateRectRgnIndirect
PolylineTo
bMakePathNameW
XLATEOBJ_iXlate
XLATEOBJ_cGetPalette
TranslateCharsetInfo
StretchDIBits
StretchBlt
StartFormPage
SetWindowExtEx
SetWinMetaFileBits
SetViewportExtEx
SetTextJustification
SetTextCharacterExtra
SetMiterLimit
SetICMProfileA
SetEnhMetaFileBits
SelectBrushLocal
SaveDC
CreateFontA
Polyline
PolyTextOutW
PolyPolyline
PolyBezier
PlayMetaFile
PlayEnhMetaFileRecord
PatBlt
LineDDA
InvertRgn
GetWindowOrgEx
GetTextMetricsA
GetTextFaceAliasW
GetTextExtentPoint32W
GetTextExtentPoint32A
GetTextExtentExPointI
GetSystemPaletteEntries
GetRasterizerCaps
GetRandomRgn
GetObjectW
GetObjectType
GetMetaRgn
GetKerningPairsW
GetKerningPairsA
GetHFONT
GetGlyphOutlineA
GetGlyphOutline
GetGlyphIndicesA
GetFontLanguageInfo
GetEnhMetaFilePixelFormat
GetDIBColorTable
GetDCPenColor
GetDCOrgEx
GetDCBrushColor
GetCurrentPositionEx
GetCharacterPlacementW
GetCharWidthW
GetCharWidth32W
GetBrushOrgEx
GetBitmapBits
GdiStartPageEMF
GdiReleaseDC
GdiInitializeLanguagePack
GdiGetLocalBrush
GdiEntry5
GdiEntry12
GdiEntry11
GdiCreateLocalMetaFilePict
GdiConvertToDevmodeW
GdiConvertBrush
GdiConvertBitmapV5
GdiConsoleTextOut
GdiComment
GdiAlphaBlend
FloodFill
FixBrushOrgEx
FONTOBJ_pvTrueTypeFontFile
ExtTextOutW
ExcludeClipRect
EnumICMProfilesA
EnumFontFamiliesExA
EngUnicodeToMultiByteN
EngReleaseSemaphore
EngPaint
EngLockSurface
EngGetCurrentCodePage
EngDeleteSurface
EngCreateDeviceBitmap
EngBitBlt
EngAssociateSurface
BRUSHOBJ_pvAllocRbrush
CLIPOBJ_bEnum
CreateEllipticRgn
EndPath

advapi32

RegOpenKeyW

shell32

SHFormatDrive
Shell_NotifyIconA
Shell_NotifyIcon
ShellExecuteW
ShellExecuteExW
ShellExecuteEx
ShellExecuteA
ShellAboutW
ShellAboutA
SHQueryRecycleBinA
CheckEscapesW
CommandLineToArgvW
DoEnvironmentSubstW
DragAcceptFiles
DragQueryFileAorW
DragQueryFileW
DragQueryPoint
DuplicateIcon
ExtractAssociatedIconA
ExtractAssociatedIconExW
ExtractIconEx
ExtractIconExW
ExtractIconW
FindExecutableA
FindExecutableW
SHAddToRecentDocs
SHBindToParent
SHBrowseForFolderA
SHChangeNotify
SHCreateDirectoryExW
SHCreateProcessAsUserW
SHEmptyRecycleBinA
SHEmptyRecycleBinW
SHFileOperation
SHPathPrepareForWriteW
SHFreeNameMappings
SHGetDataFromIDListA
SHGetDataFromIDListW
SHGetDiskFreeSpaceA
SHGetDiskFreeSpaceExA
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFileInfoA
SHGetFolderLocation
SHGetFolderPathA
SHGetFolderPathW
SHGetIconOverlayIndexA
SHGetIconOverlayIndexW
SHGetMalloc
SHGetPathFromIDListW
SHGetSettings
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHInvokePrinterCommandW
SHIsFileAvailableOffline
Shell_NotifyIconW

ole32

CoFreeUnusedLibraries
CoGetInstanceFromFile
CoGetMarshalSizeMax
CoGetObject
CoGetPSClsid
CoGetStdMarshalEx
CoGetTreatAsClass
CoInitialize
CoIsOle1Class
CoMarshalInterThreadInterfaceInStream
CoQueryClientBlanket
CoRegisterChannelHook
CoRegisterMessageFilter
CoRegisterSurrogate
CoRevokeMallocSpy
CoTaskMemAlloc
CoTaskMemFree
CoUnmarshalInterface
CreateBindCtx
CreateOleAdviseHolder
EnableHookObject
FmtIdToPropStgName
GetClassFile
HACCEL_UserMarshal
HACCEL_UserUnmarshal
HBITMAP_UserMarshal
HBITMAP_UserSize
HENHMETAFILE_UserFree
HENHMETAFILE_UserSize
HENHMETAFILE_UserUnmarshal
HGLOBAL_UserFree
HGLOBAL_UserMarshal
HICON_UserMarshal
HMENU_UserUnmarshal
HMETAFILE_UserFree
HMETAFILE_UserUnmarshal
HPALETTE_UserFree
OleConvertIStorageToOLESTREAMEx
OleCreateEx
OleCreateFromData
OleCreateLinkFromData
OleCreateLinkFromDataEx
OleCreateLinkToFileEx
OleGetIconOfClass
OleLoadFromStream
OleQueryLinkFromData
OleRegGetMiscStatus
OleRegGetUserType
OleSaveToStream
OleSetContainedObject
OleTranslateAccelerator
ProgIDFromCLSID
PropStgNameToFmtId
PropVariantClear
ReadClassStg
ReadClassStm
ReadOleStg
RegisterDragDrop
SNB_UserFree
SNB_UserSize
STGMEDIUM_UserFree
SetConvertStg
SetDocumentBitStg
StgGetIFillLockBytesOnFile
StgGetIFillLockBytesOnILockBytes
StgIsStorageFile
StgOpenAsyncDocfileOnIFillLockBytes
StgSetTimes
StringFromCLSID
StringFromIID
UtConvertDvtd32toDvtd16
WdtpInterfacePointer_UserUnmarshal
WriteOleStg
WriteStringStream
CoFileTimeNow
CoEnableCallCancellation
CoCreateInstance
CoCreateGuid
CoCopyProxy
CoCancelCall
CoBuildVersion
CoAddRefServerProcess
CLSIDFromProgIDEx
CoCreateObjectInContext

shlwapi

StrChrA
StrChrIA
StrCmpNA
StrCmpNIA
StrCmpNIW
StrRChrIA
StrRChrW
StrRStrIA
StrRStrIW

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ddg
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3cb79dfba04bc5c340953a1c8decded

Code Sign

04:50:e5:2a:1c:86:e5:63:b4:5d:25:7b:f1:42:28:d5Certificate

Extended Key Usages

fb:18:ec:54:28:ea:84:34:cf:dd:f6:3e:85:ff:89:a2:ab:cc:60:b8Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 11KB - Virtual size: 10KB

.ddg Size: 13KB - Virtual size: 13KB

.data Size: 512B - Virtual size: 132B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 2KB - Virtual size: 1KB

04:50:e5:2a:1c:86:e5:63:b4:5d:25:7b:f1:42:28:d5
Certificate

fb:18:ec:54:28:ea:84:34:cf:dd:f6:3e:85:ff:89:a2:ab:cc:60:b8
Signer

.text
Size: 11KB - Virtual size: 10KB

.ddg
Size: 13KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 132B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 2KB - Virtual size: 1KB