2214e14aad574dc3e432914963af603c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2214e14aad574dc3e432914963af603c_JaffaCakes118
Size

117KB
MD5

2214e14aad574dc3e432914963af603c
SHA1

097cf62aa5e9e8f43173d120c290bb58cd691dcb
SHA256

e7c66328e229fb47eca16b77b5c0c8bea35791b15ad7c322282e37447d8ff479
SHA512

d72436ce3a5441dd6f3a70400f9f4d9506d7f47ccb2747a807caf29ec9dbff63c2e7c3e1bda3bc63c2beedcc0690388af09118624bdb9792992d9b2ebfcce52b
SSDEEP

1536:Br/9vFNQxf9tsBhKzw9jUPxxXIh0FCVNG3Q/qIh0FCVNG3Q/Ju8du:BL9tNiANY5xXzoG3QCzoG3QMcu

Score

1^/10

Malware Config

Signatures

Files

2214e14aad574dc3e432914963af603c_JaffaCakes118
.dll windows:5 windows x86 arch:x86

fbce3773a1f8ae211a8c4b2d666c7a7b

Code Sign

38:06:65:05:5d:a1:a8:bf:46:d4:2d:ba:b2:18:b6:5a
Certificate

Issuer

CN=234g634gh3

Not Before

26/02/2012, 06:07

Not After

31/12/2039, 23:59

Subject

CN=234g634gh3

Extended Key Usages

ExtKeyUsageCodeSigning

51:b2:23:de:47:ec:3c:91:fc:c4:26:e5:7c:8c:ab:00:de:7f:87:06
Signer

Actual PE Digest

51:b2:23:de:47:ec:3c:91:fc:c4:26:e5:7c:8c:ab:00:de:7f:87:06

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
GetProcAddress
LoadLibraryA
InterlockedCompareExchange

user32

DragObject
DrawCaption
DrawIcon
DrawTextExA
EditWndProc
EndTask
EnumDisplayMonitors
EnumDisplaySettingsA
EnumDisplaySettingsExW
EnumDisplaySettingsW
ExcludeUpdateRgn
FillRect
FindWindowA
GetActiveWindow
GetAncestor
GetAsyncKeyState
GetClassInfoExA
GetClipboardSequenceNumber
GetDoubleClickTime
GetFocus
GetGUIThreadInfo
GetKBCodePage
GetMenuContextHelpId
GetMenuDefaultItem
GetMenuItemID
GetMenuItemInfoW
GetMenuItemRect
GetMenuStringW
GetMonitorInfoA
GetScrollInfo
GetWindow
GetWindowInfo
GetWindowModuleFileName
GetWindowModuleFileNameW
GetWindowThreadProcessId
InSendMessage
InsertMenuA
InternalGetWindowText
IsCharAlphaNumericW
IsIconic
IsMenu
IsWindow
IsWindowEnabled
IsZoomed
LoadBitmapW
LoadCursorFromFileA
MessageBoxIndirectA
MessageBoxIndirectW
ModifyMenuA
MonitorFromWindow
OemKeyScan
OpenDesktopA
PackDDElParam
PeekMessageA
PostMessageW
RegisterClassExA
RegisterDeviceNotificationA
RemovePropA
ScreenToClient
SendMessageW
SetClassLongA
SetCursorPos
SetDlgItemInt
SetMenuItemInfoW
SetWindowTextW
SwapMouseButton
SystemParametersInfoW
UnpackDDElParam
UserHandleGrantAccess
VkKeyScanA
WinHelpW
wsprintfW
wvsprintfW
DispatchMessageA
DialogBoxIndirectParamW
DialogBoxIndirectParamA
DestroyMenu
DefFrameProcA
DdeSetQualityOfService
DdeQueryStringW
DdeKeepStringHandle
CreateWindowStationW
CreateWindowStationA
CreateDialogParamW
CreateCaret
CopyImage
CopyAcceleratorTableW
ChildWindowFromPointEx
CheckDlgButton
CharUpperBuffW
CharToOemBuffA
CharNextW
CallMsgFilter
AttachThreadInput

comdlg32

ChooseColorA
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
GetFileTitleA
GetFileTitleW
GetOpenFileNameA
GetOpenFileNameW
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
ChooseColorW

ole32

BindMoniker
CLIPFORMAT_UserMarshal
CLIPFORMAT_UserSize
CLSIDFromProgIDEx
CoCancelCall
CoCreateInstance
CoFileTimeToDosDateTime
CoGetCallerTID
CoGetCurrentLogicalThreadId
CoGetInterfaceAndReleaseStream
CoGetObjectContext
CoGetStdMarshalEx
CoInitialize
CoLoadLibrary
CoRegisterPSClsid
CoRegisterSurrogate
CoResumeClassObjects
CoRevertToSelf
CoRevokeMallocSpy
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoTestCancel
CoTreatAsClass
CoUninitialize
CoUnmarshalInterface
CoWaitForMultipleHandles
CreateItemMoniker
CreateStdProgressIndicator
EnableHookObject
GetConvertStg
GetDocumentBitStg
GetHGlobalFromStream
GetHookInterface
HACCEL_UserMarshal
HBITMAP_UserUnmarshal
HBRUSH_UserSize
HDC_UserUnmarshal
HENHMETAFILE_UserSize
HGLOBAL_UserFree
HMENU_UserMarshal
HMENU_UserUnmarshal
HPALETTE_UserFree
HPALETTE_UserMarshal
HPALETTE_UserSize
HPALETTE_UserUnmarshal
HWND_UserUnmarshal
IsAccelerator
OleConvertIStorageToOLESTREAMEx
OleCreateEx
OleCreateFromData
OleCreateLink
OleCreateLinkEx
OleCreateStaticFromData
OleDraw
OleGetClipboard
OleGetIconOfClass
OleInitialize
OleLockRunning
OleRegEnumFormatEtc
OleRegEnumVerbs
OleRun
OleSetAutoConvert
OleSetClipboard
OleUninitialize
ProgIDFromCLSID
PropVariantCopy
ReadClassStg
ReadFmtUserTypeStg
RevokeDragDrop
SetDocumentBitStg
StgConvertVariantToProperty
StgCreateDocfile
StgCreatePropStg
StgCreateStorageEx
StgOpenAsyncDocfileOnIFillLockBytes
StgOpenStorage
StgOpenStorageOnILockBytes
StgPropertyLengthAsVariant
StringFromCLSID
StringFromIID
WriteClassStm
WriteFmtUserTypeStg

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text6
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbce3773a1f8ae211a8c4b2d666c7a7b

Code Sign

38:06:65:05:5d:a1:a8:bf:46:d4:2d:ba:b2:18:b6:5aCertificate

Extended Key Usages

51:b2:23:de:47:ec:3c:91:fc:c4:26:e5:7c:8c:ab:00:de:7f:87:06Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

Sections

.text Size: 9KB - Virtual size: 9KB

.data Size: 1024B - Virtual size: 648B

.text6 Size: 1KB - Virtual size: 1KB

.text1 Size: 1024B - Virtual size: 1000B

.text2 Size: 1024B - Virtual size: 1000B

.text5 Size: 17KB - Virtual size: 17KB

.rsrc Size: 82KB - Virtual size: 81KB

.reloc Size: 2KB - Virtual size: 1KB

38:06:65:05:5d:a1:a8:bf:46:d4:2d:ba:b2:18:b6:5a
Certificate

51:b2:23:de:47:ec:3c:91:fc:c4:26:e5:7c:8c:ab:00:de:7f:87:06
Signer

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 1024B - Virtual size: 648B

.text6
Size: 1KB - Virtual size: 1KB

.text1
Size: 1024B - Virtual size: 1000B

.text2
Size: 1024B - Virtual size: 1000B

.text5
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 82KB - Virtual size: 81KB

.reloc
Size: 2KB - Virtual size: 1KB