22b4f5eb3b2f19616b63fe2074e6050c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

22b4f5eb3b2f19616b63fe2074e6050c_JaffaCakes118
Size

96KB
MD5

22b4f5eb3b2f19616b63fe2074e6050c
SHA1

da8443d981c9d339c00be19607f83d70571888be
SHA256

5c1ba7251c77280019aa798ca2c8e049ba8f653bea008300dba04ed27606f2a2
SHA512

7671348fd65bcc18dce191b0ddb90bd5badfb3998506ea4f5716ddee0492a191968da12febbf0d2b1a4e9f94c682142870780d9dc2a02216439229946ceac32d
SSDEEP

1536:RG17ho07RsmZVn6KxH/oILyZiahkb7OUUMQm7YK7AI+FG9I7Q:RG17O071n6K1hfb7OUUnm7YK7AI0G9I

Score

1^/10

Malware Config

Signatures

Files

22b4f5eb3b2f19616b63fe2074e6050c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

323084440404fc4807174482dfc9de09

Code Sign

3c:da:f6:17:6a:07:10:59:b3:d3:1d:9b:80:0a:71:f8
Certificate

Issuer

CN=K6cyVsKULMDi

Not Before

15/03/2012, 06:18

Not After

31/12/2039, 23:59

Subject

CN=K6cyVsKULMDi

Extended Key Usages

ExtKeyUsageCodeSigning

54:c7:77:54:cc:b3:53:4f:1d:6c:b8:16:3e:36:3a:2e:82:09:b4:7b
Signer

Actual PE Digest

54:c7:77:54:cc:b3:53:4f:1d:6c:b8:16:3e:36:3a:2e:82:09:b4:7b

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
CreateFileW
lstrlenW
lstrcpyW
VirtualAlloc

comdlg32

ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
FindTextA
CommDlgExtendedError
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA

advapi32

RegOpenKeyExA

shlwapi

StrCmpIW
StrCmpW
StrCpyW
StrDupW
StrFormatKBSizeW
StrNCatW
StrRStrIA
StrStrIA
StrStrIW
StrStrW
StrTrimA
StrTrimW
UrlCanonicalizeA
UrlCanonicalizeW
UrlHashA
UrlIsA
UrlIsNoHistoryA
UrlUnescapeA
UrlUnescapeW
wnsprintfW
wvnsprintfW
StrCatW
SHSetThreadRef
SHRegWriteUSValueA
SHRegQueryInfoUSKeyW
SHRegGetUSValueW
SHRegGetPathA
SHRegGetBoolUSValueW
SHRegEnumUSValueW
SHRegDuplicateHKey
SHRegDeleteUSValueW
SHRegCloseUSKey
SHQueryInfoKeyA
SHIsLowMemoryMachine
SHGetThreadRef
SHDeleteValueW
SHDeleteValueA
SHDeleteKeyA
ord16
SHCopyKeyW
PathUnquoteSpacesW
PathStripToRootW
PathStripPathA
PathSkipRootA
PathSearchAndQualifyA
PathRenameExtensionA
PathRemoveExtensionW
PathRemoveExtensionA
PathRemoveBlanksW
PathRemoveBlanksA
PathRemoveBackslashW
PathRelativePathToW
PathRelativePathToA
PathMatchSpecA
PathIsUNCServerShareA
PathIsSameRootA
PathIsRootW
PathIsRootA
PathIsPrefixA
PathIsNetworkPathA
PathIsLFNFileSpecA
PathIsFileSpecW
PathIsDirectoryW
PathIsContentTypeA
PathGetDriveNumberW
PathGetArgsA
PathFindFileNameW
PathCombineW
PathCanonicalizeA
PathBuildRootA
PathAppendW
PathAddBackslashW
PathAddBackslashA
GetMenuPosFromID
ColorRGBToHLS
ColorAdjustLuma
ChrCmpIA
AssocQueryKeyW
AssocCreate
SHRegQueryUSValueA

comctl32

CreatePropertySheetPageW
CreateStatusWindow
ord6
CreateStatusWindowW
ord7
CreateToolbarEx
ord16
DrawStatusTextW
FlatSB_EnableScrollBar
FlatSB_GetScrollPos
FlatSB_GetScrollProp
FlatSB_GetScrollRange
CreatePropertySheetPage
FlatSB_SetScrollPos
FlatSB_ShowScrollBar
ord4
GetMUILanguage
ImageList_Add
ImageList_AddIcon
ImageList_AddMasked
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
FlatSB_SetScrollInfo
_TrackMouseEvent
ord3
PropertySheetW
PropertySheetA
ord2
ord14
InitializeFlatSB
InitMUILanguage
InitCommonControlsEx
ord17
ImageList_Write
ImageList_SetOverlayImage
ImageList_SetImageCount
ImageList_SetIconSize
ImageList_SetFilter
ImageList_SetBkColor
ImageList_Replace
ImageList_Remove
ImageList_Read
ImageList_LoadImageW
ImageList_LoadImage
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_GetIcon
ImageList_EndDrag
ImageList_Duplicate
ImageList_DrawIndirect
ImageList_DrawEx
ImageList_Draw
ord8

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.v2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

323084440404fc4807174482dfc9de09

Code Sign

3c:da:f6:17:6a:07:10:59:b3:d3:1d:9b:80:0a:71:f8Certificate

Extended Key Usages

54:c7:77:54:cc:b3:53:4f:1d:6c:b8:16:3e:36:3a:2e:82:09:b4:7bSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comdlg32

advapi32

shlwapi

comctl32

Sections

.text Size: 83KB - Virtual size: 83KB

.data Size: 512B - Virtual size: 224B

.v2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 285KB

3c:da:f6:17:6a:07:10:59:b3:d3:1d:9b:80:0a:71:f8
Certificate

54:c7:77:54:cc:b3:53:4f:1d:6c:b8:16:3e:36:3a:2e:82:09:b4:7b
Signer

.text
Size: 83KB - Virtual size: 83KB

.data
Size: 512B - Virtual size: 224B

.v2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 285KB