1b8befac5284c774016c51ef367ac03c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1b8befac5284c774016c51ef367ac03c_JaffaCakes118
Size

1.1MB
MD5

1b8befac5284c774016c51ef367ac03c
SHA1

d585b56ef0c0fba089472125733b69c14b32da0e
SHA256

cabce2bddab3214ec0a2d821a6152d4f6efa84e672fe8202380598385b3434fd
SHA512

7087cde8eb1c263884f888ea1d964afeef3e96460a4cddbc35edf2a581852b57e625d95da1e09ab8d65343a0ba58de3039d78ab1535bfb0b868b03bb56172221
SSDEEP

12288:miIWQjTbgcSzM+PbcqZj1CT153Z1UaFoct5doac9TYQMgY8Nzp5ad7:FaAM+D3ZBCr1h6ct5doL9TR5Y8Rad

Score

1^/10

Malware Config

Signatures

Files

1b8befac5284c774016c51ef367ac03c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

163d1beeee2f131501b98bd1e73f577a

Code Sign

a4:7f:50:56:d4:d9:01:b1:c9:5a:62:74:e0:f3:6e:5b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

05/02/2008, 00:00

Not After

04/02/2011, 23:59

Subject

CN=Fog Creek Software Inc.,O=Fog Creek Software Inc.,POSTALCODE=10018,STREET=Floor 18+STREET=535 8th Avenue,L=New York,ST=NY,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\code\build\helpers\Windows\Host\Release\Assist\Wrapper.pdb

Imports

wininet

InternetOpenA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetGetLastResponseInfoA
InternetOpenUrlA

shlwapi

PathAppendA
PathFileExistsA

comctl32

ord17

kernel32

WriteConsoleA
SetStdHandle
GetLocaleInfoW
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
GetLastError
GetTempPathA
GetModuleFileNameA
CreateFileA
CloseHandle
ReadFile
FindResourceA
SizeofResource
LoadResource
FreeResource
LockResource
WriteFile
CreateProcessA
GetFileAttributesA
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
ResumeThread
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateSemaphoreA
TlsGetValue
Sleep
SetThreadPriority
TlsSetValue
GetCurrentThreadId
DuplicateHandle
GetCurrentThread
GetCurrentProcess
TlsAlloc
GetModuleHandleA
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
InterlockedExchange
MultiByteToWideChar
HeapAlloc
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
ExitThread
CreateThread
LCMapStringA
LCMapStringW
GetCPInfo
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
GetModuleHandleW
GetProcAddress
ExitProcess
GetStdHandle
TlsFree
SetLastError
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType

user32

MessageBoxA
PostQuitMessage
LoadStringA
GetDlgItem
IsDialogMessageA
SetWindowPos
GetWindowRect
SystemParametersInfoA
GetMessageA
ShowWindow
DefWindowProcA
GetWindowLongA
CreateWindowExA
PostMessageA
DestroyWindow
SetWindowLongA
RegisterClassExA
SendMessageA
TranslateMessage
DispatchMessageA
CreateDialogParamA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 875KB - Virtual size: 874KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

163d1beeee2f131501b98bd1e73f577a

Code Sign

a4:7f:50:56:d4:d9:01:b1:c9:5a:62:74:e0:f3:6e:5bCertificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wininet

shlwapi

comctl32

kernel32

user32

advapi32

Sections

.text Size: 168KB - Virtual size: 168KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 875KB - Virtual size: 874KB

a4:7f:50:56:d4:d9:01:b1:c9:5a:62:74:e0:f3:6e:5b
Certificate

.text
Size: 168KB - Virtual size: 168KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 875KB - Virtual size: 874KB