25400dc4cfeebe7e6b0d7a0c117a1c21_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

25400dc4cfeebe7e6b0d7a0c117a1c21_JaffaCakes118
Size

186KB
MD5

25400dc4cfeebe7e6b0d7a0c117a1c21
SHA1

3b2fe621f744ac2959a579bbaabed39a22025246
SHA256

3b1dd00378a19e0a1106753c54a02066840b313155523e7a7e89632f6a7a9250
SHA512

efc4e63ae41c626fbc09f47c72eec3e23409ae4b42c2c77753d502533964738e5e3104daa4138fdc4674e27aaee43e828c17f8bac516b48ea058b72a9ab96ca2
SSDEEP

3072:rm9YwoHPpwdnkLlEQpTzrlp0qsPu9QhvEoMu/k+kDClWDocC:5wKPpYk+QtjbsWQhds+sClihC

Score

1^/10

Malware Config

Signatures

Files

25400dc4cfeebe7e6b0d7a0c117a1c21_JaffaCakes118
.exe windows:5 windows x86 arch:x86

44ad7f589c89714f631150955566f453

Code Sign

38:06:65:05:5d:a1:a8:bf:46:d4:2d:ba:b2:18:b6:5a
Certificate

Issuer

CN=234g634gh3

Not Before

26/02/2012, 06:07

Not After

31/12/2039, 23:59

Subject

CN=234g634gh3

Extended Key Usages

ExtKeyUsageCodeSigning

9f:65:6f:6f:9e:ac:86:69:46:41:60:7c:48:30:d0:53:4e:67:7f:58
Signer

Actual PE Digest

9f:65:6f:6f:9e:ac:86:69:46:41:60:7c:48:30:d0:53:4e:67:7f:58

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
InterlockedCompareExchange
GetProcAddress
LoadLibraryA
GetWindowsDirectoryW

user32

DdeUninitialize
DefWindowProcA
DeferWindowPos
DeleteMenu
DestroyCursor
DlgDirListA
DlgDirSelectComboBoxExA
DragObject
DrawEdge
DrawIcon
DrawIconEx
EnableScrollBar
EnableWindow
EnumDesktopWindows
EnumDisplayMonitors
EnumDisplaySettingsExW
EnumPropsA
EnumWindowStationsW
FindWindowExA
FindWindowExW
FindWindowW
FlashWindowEx
GetAltTabInfoA
GetCapture
GetClassInfoA
GetClassNameW
GetClassWord
GetClientRect
GetClipboardViewer
GetDlgItemTextA
GetForegroundWindow
GetKeyNameTextA
GetKeyboardLayout
GetKeyboardState
GetLastInputInfo
GetListBoxInfo
GetMenu
GetMenuItemCount
GetMenuState
GetMessageExtraInfo
GetMonitorInfoA
GetOpenClipboardWindow
GetPriorityClipboardFormat
GetQueueStatus
GetScrollInfo
GetScrollPos
GetSubMenu
GetSystemMenu
DdePostAdvise
GetWindowContextHelpId
GetWindowPlacement
GetWindowRect
GetWindowTextA
GrayStringA
IMPQueryIMEA
InsertMenuA
IntersectRect
InvalidateRect
IsCharAlphaA
IsCharAlphaNumericW
IsCharLowerW
IsChild
IsDialogMessageA
IsDlgButtonChecked
IsWindow
IsWindowUnicode
LoadBitmapW
LockSetForegroundWindow
MessageBoxExW
ModifyMenuA
OemToCharBuffW
PostThreadMessageW
RealGetWindowClass
RegisterClassExA
RegisterClassW
RegisterDeviceNotificationW
RegisterHotKey
ReleaseCapture
SendDlgItemMessageA
SendIMEMessageExA
SendMessageCallbackA
SendMessageCallbackW
SendMessageW
SendNotifyMessageA
SendNotifyMessageW
SetCaretBlinkTime
SetCaretPos
SetClassLongW
SetClassWord
SetMenuItemInfoA
SetMenuItemInfoW
SetUserObjectInformationW
SetWinEventHook
SubtractRect
SwitchToThisWindow
TabbedTextOutA
ToAscii
ToUnicodeEx
TranslateAcceleratorW
UnpackDDElParam
UpdateLayeredWindow
UpdateWindow
WaitMessage
WindowFromDC
keybd_event
mouse_event
DdeImpersonateClient
DdeEnableCallback
DdeDisconnectList
DdeConnectList
CreatePopupMenu
CreateIconFromResourceEx
CreateDialogParamA
ClipCursor
CheckMenuRadioItem
CharUpperBuffW
CharPrevExA
CharLowerBuffW
ChangeClipboardChain
CallMsgFilterW
BroadcastSystemMessageA
BringWindowToTop
BlockInput
BeginDeferWindowPos
ArrangeIconicWindows
AdjustWindowRectEx
LoadIconA
GetUpdateRect

comdlg32

ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
GetFileTitleW
GetOpenFileNameA
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
ChooseColorA

ole32

CLIPFORMAT_UserFree
CLIPFORMAT_UserUnmarshal
CoAddRefServerProcess
CoAllowSetForegroundWindow
CoCreateGuid
CoCreateInstance
CoCreateObjectInContext
CoDisableCallCancellation
CoDosDateTimeToFileTime
CoFileTimeNow
CoGetClassObject
CoGetCurrentLogicalThreadId
CoGetInstanceFromFile
CoGetInstanceFromIStorage
CoGetMarshalSizeMax
CoGetObjectContext
CoGetStdMarshalEx
CoImpersonateClient
CoInitialize
CoLoadLibrary
CoQueryAuthenticationServices
CoQueryReleaseObject
CoReactivateObject
CoRegisterClassObject
CoRegisterMallocSpy
CoRegisterSurrogate
CoReleaseMarshalData
CoRevertToSelf
CoSuspendClassObjects
CoSwitchCallContext
CoTaskMemRealloc
CoTestCancel
CoTreatAsClass
CoUnmarshalInterface
CreateClassMoniker
CreateDataAdviseHolder
CreateFileMoniker
CreateItemMoniker
CreateObjrefMoniker
CreateOleAdviseHolder
CreatePointerMoniker
CreateStdProgressIndicator
CreateStreamOnHGlobal
DllGetClassObjectWOW
FreePropVariantArray
GetConvertStg
GetDocumentBitStg
GetHGlobalFromILockBytes
GetHGlobalFromStream
HACCEL_UserMarshal
HBITMAP_UserFree
HBRUSH_UserSize
HDC_UserMarshal
HDC_UserSize
HDC_UserUnmarshal
HENHMETAFILE_UserFree
HENHMETAFILE_UserSize
HGLOBAL_UserFree
HICON_UserFree
HICON_UserMarshal
HICON_UserSize
HMENU_UserFree
HMENU_UserSize
HMETAFILEPICT_UserUnmarshal
HMETAFILE_UserSize
HWND_UserFree
IsAccelerator
IsEqualGUID
MonikerCommonPrefixWith
OleConvertIStorageToOLESTREAM
OleConvertIStorageToOLESTREAMEx
OleCreateEmbeddingHelper
OleCreateFromDataEx
OleCreateLink
OleCreateLinkToFile
OleDestroyMenuDescriptor
OleInitialize
OleIsCurrentClipboard
OleQueryCreateFromData
OleRegEnumVerbs
OleRegGetUserType
OleRun
OleSave
OleSetContainedObject
OleSetMenuDescriptor
OleUninitialize
PropStgNameToFmtId
PropVariantClear
PropVariantCopy
ReadClassStg
ReadOleStg
ReadStringStream
RegisterDragDrop
RevokeDragDrop
SNB_UserFree
SNB_UserSize
SNB_UserUnmarshal
STGMEDIUM_UserFree
STGMEDIUM_UserSize
SetConvertStg
StgConvertPropertyToVariant
StgCreateDocfileOnILockBytes
StgOpenAsyncDocfileOnIFillLockBytes
StgOpenPropStg
StgPropertyLengthAsVariant
StringFromCLSID
StringFromGUID2
StringFromIID
UtGetDvtd16Info
WdtpInterfacePointer_UserFree
WdtpInterfacePointer_UserMarshal
WdtpInterfacePointer_UserSize
WdtpInterfacePointer_UserUnmarshal
WriteClassStm
WriteOleStg

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text6
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44ad7f589c89714f631150955566f453

Code Sign

38:06:65:05:5d:a1:a8:bf:46:d4:2d:ba:b2:18:b6:5aCertificate

Extended Key Usages

9f:65:6f:6f:9e:ac:86:69:46:41:60:7c:48:30:d0:53:4e:67:7f:58Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

Sections

.text Size: 11KB - Virtual size: 11KB

.data Size: 1024B - Virtual size: 648B

.text6 Size: 2KB - Virtual size: 1KB

.text1 Size: 1024B - Virtual size: 1000B

.text2 Size: 1024B - Virtual size: 1000B

.text5 Size: 165KB - Virtual size: 165KB

.reloc Size: 2KB - Virtual size: 2KB

38:06:65:05:5d:a1:a8:bf:46:d4:2d:ba:b2:18:b6:5a
Certificate

9f:65:6f:6f:9e:ac:86:69:46:41:60:7c:48:30:d0:53:4e:67:7f:58
Signer

.text
Size: 11KB - Virtual size: 11KB

.data
Size: 1024B - Virtual size: 648B

.text6
Size: 2KB - Virtual size: 1KB

.text1
Size: 1024B - Virtual size: 1000B

.text2
Size: 1024B - Virtual size: 1000B

.text5
Size: 165KB - Virtual size: 165KB

.reloc
Size: 2KB - Virtual size: 2KB