299fc4841323fb9cc9a275bfc154b2c9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

299fc4841323fb9cc9a275bfc154b2c9_JaffaCakes118
Size

277KB
MD5

299fc4841323fb9cc9a275bfc154b2c9
SHA1

3d2ab2a0b39b6e7546be3afc06d1617b0a9f1878
SHA256

8232db1e744ad40c150ca51d6d45e68c6e5868c108e600fb3a0cb72616166482
SHA512

e564419b9703eeee5f3f6b2512b92f48f58b1186d8948249dbe498995d5d8678ee9aeaaee8840e6674e3743359b008cde6aca090da3b017b5221f8d665abac15
SSDEEP

6144:r4byG6rzysDrwsSSYRkrD77q3UwQi7+QCAEzod:rolTkrwsSSYun77OUZi7DCTo

Score

1^/10

Malware Config

Signatures

Files

299fc4841323fb9cc9a275bfc154b2c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ef916ac15c55cbd600f3413a6974ca2

Code Sign

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6a
Certificate

Issuer

CN=SDOkUGUnMWwv

Not Before

15/03/2012, 10:39

Not After

31/12/2039, 23:59

Subject

CN=SDOkUGUnMWwv

Extended Key Usages

ExtKeyUsageCodeSigning

43:1d:a0:04:a9:ac:a0:ce:e1:1b:89:33:a4:e6:02:2a:fe:d7:f0:5f
Signer

Actual PE Digest

43:1d:a0:04:a9:ac:a0:ce:e1:1b:89:33:a4:e6:02:2a:fe:d7:f0:5f

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
LoadLibraryW
CreateFileA
GetWindowsDirectoryA
lstrlenA
lstrcpyA
DnsHostnameToComputerNameA
CreateDirectoryA
HeapCompact
EnumUILanguagesA
ReadConsoleInputA
GetLocalTime
SetConsoleTitleA
FindFirstFileExW
SetFilePointerEx
GetStringTypeA
GetSystemTimeAdjustment
GetCompressedFileSizeW
GlobalGetAtomNameW
GetConsoleAliasExesLengthA
ExpandEnvironmentStringsA
GetProcessVersion
DeleteCriticalSection
SetConsoleTextAttribute
DisconnectNamedPipe
CreateMailslotW
IsSystemResumeAutomatic
FlushFileBuffers
GetSystemWindowsDirectoryW
SetComputerNameExW
WriteConsoleA
ReadConsoleOutputAttribute
ResetEvent
ChangeTimerQueueTimer
IsBadWritePtr
lstrcpyn
Module32Next
GetThreadLocale
WriteProfileStringW
WriteConsoleInputW
VerifyVersionInfoA
GetTapePosition
GetSystemTimeAsFileTime
GetVersionExW
GetProcessHeap
SetTapePosition
SetVolumeLabelA
FreeUserPhysicalPages
LocalHandle
GlobalFindAtomW
CreateThread
CreateTimerQueueTimer
GlobalMemoryStatusEx
GlobalAlloc
GetProcessAffinityMask
IsProcessorFeaturePresent
OpenWaitableTimerW
SetComputerNameExA
GetDiskFreeSpaceW
FindFirstChangeNotificationA
GetBinaryTypeA
GetCPInfoExA
Thread32First
FindFirstChangeNotificationW
FindCloseChangeNotification
GetMailslotInfo
GetPrivateProfileSectionA
SetThreadPriority
SetVolumeMountPointW
VirtualQueryEx
SetSystemPowerState
CreateSemaphoreW
SetThreadContext
SetErrorMode
GetTapeParameters
CreateConsoleScreenBuffer
DisableThreadLibraryCalls
TlsSetValue
TerminateJobObject
GetCommandLineW
GlobalUnWire
DosDateTimeToFileTime
GetCompressedFileSizeA
CreateNamedPipeA
GetConsoleCP
DeleteFileW
PrepareTape
BeginUpdateResourceA
Beep
GetBinaryType
HeapReAlloc
SetCurrentDirectoryW
MapUserPhysicalPages
GetEnvironmentVariableA
GetSystemPowerStatus
ReadFileScatter
GetPrivateProfileStructA
OpenEventA
GetConsoleAliasExesA
SetThreadAffinityMask

user32

SetCursor
GetWindowTextW
GetClipboardFormatNameA
EnumDisplaySettingsExA
GetClassWord
RegisterClipboardFormatW
TranslateAcceleratorA
LoadImageW
GetClassLongW
GetDoubleClickTime
DdeCreateStringHandleA
EditWndProc
DrawIconEx
GetClassNameA
DdeEnableCallback
BeginDeferWindowPos
GetIconInfo
OpenWindowStationA
SetDlgItemTextA
GetMouseMovePointsEx
WINNLSGetIMEHotkey
IsDialogMessageA
EnumPropsA
SetScrollRange
GetScrollRange
DestroyMenu
DdeQueryConvInfo
GetMenuItemRect
SetUserObjectSecurity
EnumDisplaySettingsW
SetMessageQueue
GetMessagePos
SetCaretPos
DdeInitializeW
GetThreadDesktop
RegisterWindowMessageW
CharUpperW
GetWindowThreadProcessId
GetCursor
FlashWindowEx
DrawTextExW
AllowSetForegroundWindow
TrackPopupMenuEx
UnregisterClassA
DlgDirSelectExA
GetUpdateRgn
FreeDDElParam
GetClipboardData
WaitMessage
SendMessageCallbackW
IsHungAppWindow
GetKeyNameTextW
SendMessageW
WinHelpW
LoadMenuIndirectW
SetSysColors
GetClipboardOwner
GetNextDlgTabItem
GetKeyboardLayoutNameA
CharPrevExA
GetWindowLongW
SetRect
IsCharAlphaNumericA
CreateIconFromResource
DdeFreeDataHandle
CharLowerW
SetWinEventHook
SetThreadDesktop
DdeReconnect
SetMessageExtraInfo
CheckMenuItem
CreateCursor
DdeQueryStringW
SetDoubleClickTime
ReuseDDElParam
GetTabbedTextExtentW
InsertMenuItemW
DdeGetLastError
MonitorFromWindow
GrayStringW
CreateWindowStationA
CharUpperBuffA
wsprintfW
VkKeyScanW
InvalidateRgn
GetAncestor
CountClipboardFormats
WindowFromPoint
UserHandleGrantAccess
UnloadKeyboardLayout
GetDlgItemInt
SwitchDesktop
CreateDialogIndirectParamW
SendMessageA
RegisterWindowMessageA
TranslateMDISysAccel

comdlg32

PrintDlgA
PrintDlgExW
GetOpenFileNameW
ChooseFontA
GetSaveFileNameW
GetSaveFileNameA
ChooseFontW
PageSetupDlgW
ReplaceTextW
CommDlgExtendedError
ChooseColorA
GetFileTitleA
GetFileTitleW
ReplaceTextA
GetOpenFileNameA
PrintDlgExA
PrintDlgW
FindTextA
ChooseColorW
PageSetupDlgA
FindTextW

advapi32

RegOpenKeyExW

comctl32

ImageList_Remove
ord13
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_DragEnter
ImageList_GetImageInfo
InitMUILanguage
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
ImageList_Destroy
ImageList_Duplicate
ImageList_DragLeave
CreateStatusWindowW
ImageList_DrawEx
InitializeFlatSB
ImageList_DragShowNolock
FlatSB_SetScrollInfo
CreatePropertySheetPageW
ImageList_BeginDrag
ImageList_LoadImageA
ord6
ord4
ImageList_LoadImageW
ImageList_GetImageRect
CreateToolbarEx
InitCommonControlsEx
ord14
GetMUILanguage
ImageList_GetIcon
ImageList_DrawIndirect
_TrackMouseEvent
ord7
CreatePropertySheetPage
ImageList_Replace
CreateStatusWindow
ImageList_DragMove
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetFilter
PropertySheetW
ImageList_EndDrag
ImageList_Read
ord17
ImageList_Create
FlatSB_GetScrollProp
FlatSB_SetScrollProp
ord2
ImageList_SetImageCount
ord3
ImageList_Copy
FlatSB_SetScrollRange
DrawStatusText
ImageList_Draw
ImageList_GetDragImage
UninitializeFlatSB
CreatePropertySheetPageA
ImageList_Add

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

d4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

d3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

d2
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ef916ac15c55cbd600f3413a6974ca2

Code Sign

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6aCertificate

Extended Key Usages

43:1d:a0:04:a9:ac:a0:ce:e1:1b:89:33:a4:e6:02:2a:fe:d7:f0:5fSigner

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

comctl32

Sections

.text Size: 4KB - Virtual size: 3KB

d4 Size: 1024B - Virtual size: 1000B

d3 Size: 1024B - Virtual size: 1000B

d2 Size: 258KB - Virtual size: 257KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6a
Certificate

43:1d:a0:04:a9:ac:a0:ce:e1:1b:89:33:a4:e6:02:2a:fe:d7:f0:5f
Signer

.text
Size: 4KB - Virtual size: 3KB

d4
Size: 1024B - Virtual size: 1000B

d3
Size: 1024B - Virtual size: 1000B

d2
Size: 258KB - Virtual size: 257KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB