2541fb69b460ab0110713c7e71c6698e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2541fb69b460ab0110713c7e71c6698e_JaffaCakes118
Size

21KB
MD5

2541fb69b460ab0110713c7e71c6698e
SHA1

47fb0a7464bc1baf769ed9df2eb5cb0a568eeb8b
SHA256

4e9a6afdddf117dd61e6e34c4b863df34756fba418b25edcfd90e42171674529
SHA512

16aa3bbfa62990ef5cebba6e7b7728d297c2d8c0d689b75ae2cb89bb7a019fa4c0eac19ee26365f79d3fdbab922657be83248341a22f341ae8f0b18d15cb89b9
SSDEEP

384:zhBlDDdRlWqAgW5nhBnWBUpnGmIuWHP+hh4WWieZWrN:9BlDDLlWPbBnWBQGuWHP+hhdek

Score

1^/10

Malware Config

Signatures

Files

2541fb69b460ab0110713c7e71c6698e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

31e5af36e70fa3aa4a085d4ddf1dfd97

Code Sign

60:29:be:36:38:c4:8a:74:bb:5e:b2:8f:90:0a:7f:8c
Certificate

Issuer

CN=yFfJFQjZS5cVSsx

Not Before

20-03-2012 06:07

Not After

31-12-2039 23:59

Subject

CN=yFfJFQjZS5cVSsx

Extended Key Usages

ExtKeyUsageCodeSigning

9b:42:6b:14:55:6e:3c:9b:b5:53:e0:78:18:3e:c3:99:f4:54:a9:a8
Signer

Actual PE Digest

9b:42:6b:14:55:6e:3c:9b:b5:53:e0:78:18:3e:c3:99:f4:54:a9:a8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetModuleHandleA
GetProcAddress

msvcrt

memset

user32

UnregisterHotKey
UnregisterClassA
TrackMouseEvent
ToAsciiEx
TabbedTextOutW
SystemParametersInfoA
ShowOwnedPopups
SetWindowTextA
SetWindowLongW
SetWinEventHook
SetUserObjectInformationA
SetMessageQueue
SetMessageExtraInfo
SetMenuItemBitmaps
SetKeyboardState
SetFocus
SetDoubleClickTime
SetClassLongA
SendMessageA
SendIMEMessageExW
SendDlgItemMessageW
ReplyMessage
ReleaseDC
RegisterWindowMessageA
PostQuitMessage
OpenDesktopA
OpenClipboard
OemToCharW
OemKeyScan
MsgWaitForMultipleObjects
MessageBoxExW
LoadStringA
LoadMenuIndirectA
LoadAcceleratorsW
IsCharAlphaNumericW
InvertRect
IntersectRect
InternalGetWindowText
InsertMenuItemW
InSendMessage
GrayStringA
GetWindowThreadProcessId
GetWindowInfo
GetWindowContextHelpId
GetWindow
GetUpdateRgn
GetQueueStatus
GetMonitorInfoA
GetMenuItemRect
GetMenu
GetLastInputInfo
GetKeyboardLayoutNameA
GetInputDesktop
GetGuiResources
GetForegroundWindow
GetDesktopWindow
GetComboBoxInfo
GetCaretBlinkTime
GetAsyncKeyState
GetAncestor
GetActiveWindow
FlashWindowEx
FindWindowExA
FindWindowA
ExcludeUpdateRgn
EnumWindowStationsW
EmptyClipboard
DrawStateA
DrawFocusRect
DrawEdge
DispatchMessageA
DialogBoxParamW
DeregisterShellHookWindow
DefWindowProcW
DefMDIChildProcW
DefMDIChildProcA
DdeSetUserHandle
DdeQueryConvInfo
DdePostAdvise
DdeEnableCallback
DdeCreateStringHandleW
DdeConnectList
DdeClientTransaction
CreateDialogIndirectParamW
CreateCaret
CharUpperBuffA
CascadeChildWindows
BroadcastSystemMessageW
BringWindowToTop
AdjustWindowRectEx
UnregisterClassW

gdi32

CombineTransform
CloseEnhMetaFile
Arc
XLATEOBJ_iXlate
UpdateColors
UnloadNetworkFonts
SetWindowExtEx
SetTextCharacterExtra
SetMagicColors
SetICMProfileW
SetColorAdjustment
SetBitmapDimensionEx
SetBitmapBits
SelectObject
SelectFontLocal
SaveDC
STROBJ_vEnumStart
STROBJ_bGetAdvanceWidths
RoundRect
ResetDCW
RemoveFontResourceTracking
PlgBlt
PATHOBJ_vEnumStart
OffsetRgn
NamedEscape
InvertRgn
HT_Get8BPPFormatPalette
GetTextExtentPointA
GetTextColor
GetTextAlign
GetRelAbs
GetRegionData
GetPixelFormat
GetObjectType
GetMetaFileBitsEx
GetKerningPairsA
GetGlyphOutlineW
GetGlyphOutline
GetDeviceGammaRamp
GetCurrentObject
GetCharacterPlacementA
GetCharWidthA
GetCharABCWidthsI
GetCharABCWidthsFloatA
GetBitmapBits
GdiSwapBuffers
GdiSetLastError
GdiSetAttrs
GdiPlayScript
GdiPlayPrivatePageEMF
GdiGetDevmodeForPage
GdiFixUpHandle
GdiEntry8
GdiConvertRegion
GdiConvertFont
GdiConvertBitmap
GdiConvertAndCheckDC
GdiAddGlsBounds
FillRgn
FONTOBJ_vGetInfo
ExtTextOutA
ExtFloodFill
ExtCreatePen
EnumFontsA
EnumFontFamiliesW
EnumFontFamiliesExA
EnumEnhMetaFile
EngWideCharToMultiByte
EngUnlockSurface
EngUnicodeToMultiByteN
EngQueryEMFInfo
EngFreeModule
EngCreateSemaphore
EnableEUDC
Ellipse
DeviceCapabilitiesExW
DeviceCapabilitiesExA
DeleteEnhMetaFile
DeleteDC
DeleteColorSpace
CreatePolygonRgn
CreatePolyPolygonRgn
CreatePenIndirect
CreateFontW
CreateEnhMetaFileW
CreateEllipticRgnIndirect
CreateDIBitmap
CreateColorSpaceW
CopyEnhMetaFileW
AddFontResourceExA

advapi32

RegOpenKeyExW

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31e5af36e70fa3aa4a085d4ddf1dfd97

Code Sign

60:29:be:36:38:c4:8a:74:bb:5e:b2:8f:90:0a:7f:8cCertificate

Extended Key Usages

9b:42:6b:14:55:6e:3c:9b:b5:53:e0:78:18:3e:c3:99:f4:54:a9:a8Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

advapi32

Sections

.text Size: 14KB - Virtual size: 13KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 2KB

60:29:be:36:38:c4:8a:74:bb:5e:b2:8f:90:0a:7f:8c
Certificate

9b:42:6b:14:55:6e:3c:9b:b5:53:e0:78:18:3e:c3:99:f4:54:a9:a8
Signer

.text
Size: 14KB - Virtual size: 13KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 2KB