29c7be873fee4f15e879f06f7fb8f63d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29c7be873fee4f15e879f06f7fb8f63d_JaffaCakes118
Size

39KB
MD5

29c7be873fee4f15e879f06f7fb8f63d
SHA1

b23e330aa1c64484dd64359d5b1c5a4f2e58766e
SHA256

d5c64a887157337c34bf56cd7390e6318d1af49e4013615846315354c3401c5d
SHA512

832498eea88624e6cfda5957bc28f567047183036a7c022eb050cb752c2db438f7935823603903d92cd6468b7b6fa783e0e007b0ef5000998e5f8b6d1d016b21
SSDEEP

768:RIdi3I9HxMKgg7JBrHvYGBcrnpZXwlas9/U0DKnJ/mKAjHslK1ycDtAPR0:mdi496KR/XWrnpZXWnWH/F4V

Score

1^/10

Malware Config

Signatures

Files

29c7be873fee4f15e879f06f7fb8f63d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8711c024c2cf432e8029b8cd92b75f42

Code Sign

0f:1d:b0:a6:2c:6d:d5:b2:47:86:46:85:24:2c:9b:18
Certificate

Issuer

CN=t123612333

Not Before

05/02/2012, 18:21

Not After

31/12/2039, 23:59

Subject

CN=t123612333

Extended Key Usages

ExtKeyUsageCodeSigning

0d:97:ef:df:c9:b1:94:5a:b6:57:2f:78:30:46:7e:7d:e1:54:0d:e8
Signer

Actual PE Digest

0d:97:ef:df:c9:b1:94:5a:b6:57:2f:78:30:46:7e:7d:e1:54:0d:e8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCommConfig
SetCommState
SetComputerNameExA
SetComputerNameExW
SetComputerNameW
SetConsoleMode
SetEnvironmentVariableA
SetFileAttributesA
SetFileTime
SetPriorityClass
SetStdHandle
SetCalendarInfoW
SetWaitableTimer
SignalObjectAndWait
Sleep
TerminateJobObject
TlsFree
TransactNamedPipe
UnlockFileEx
WriteFileGather
WriteProfileStringA
WriteTapemark
lstrcpyA
ResetWriteWatch
ReadConsoleOutputW
ReadConsoleInputW
QueryPerformanceFrequency
MoveFileExW
Module32First
LockFile
LocalShrink
LocalFileTimeToFileTime
LoadResource
IsBadStringPtrA
HeapAlloc
Heap32ListFirst
GlobalUnlock
GlobalSize
GlobalMemoryStatusEx
GlobalMemoryStatus
GlobalHandle
GlobalAddAtomA
GetWindowsDirectoryW
GetVersion
GetUserDefaultLCID
GetTimeFormatW
GetTimeFormatA
GetThreadSelectorEntry
GetTempFileNameA
GetSystemDefaultLangID
GetStringTypeA
GetProcessPriorityBoost
GetNumberFormatW
GetLongPathNameW
GetLocalTime
GetDiskFreeSpaceExA
GetCurrentThreadId
GetCurrentDirectoryA
GetCurrencyFormatA
GetConsoleTitleW
GetConsoleAliasesLengthA
GetComputerNameExA
GetCommState
GetCommMask
GetBinaryTypeW
GetAtomNameW
FormatMessageW
FoldStringA
FindResourceExA
FindResourceA
FindFirstVolumeMountPointA
FillConsoleOutputAttribute
EnumLanguageGroupLocalesW
EnumResourceNamesA
EnumDateFormatsExW
EnumCalendarInfoW
EndUpdateResourceA
DnsHostnameToComputerNameA
CreateTimerQueueTimer
CreateSemaphoreW
CreateRemoteThread
CreateProcessW
CreateProcessA
CreateEventW
CreateDirectoryW
CopyFileExW
CopyFileA
CompareStringA
ChangeTimerQueueTimer
BuildCommDCBAndTimeoutsW
BuildCommDCBAndTimeoutsA
BeginUpdateResourceW
LoadLibraryA
GetProcAddress
SetThreadContext
VirtualAlloc

gdi32

cGetTTFFromFOT
XFORMOBJ_bApplyXform
UnloadNetworkFonts
StartDocW
SetStretchBltMode
SetMapMode
SetLayout
SetDIBColorTable
SetBkMode
SelectPalette
SaveDC
RemoveFontResourceTracking
PtInRegion
Polyline
PolyDraw
PlayEnhMetaFile
PATHOBJ_vEnumStart
GetTextFaceAliasW
GetTextExtentExPointA
GetNearestPaletteIndex
GetLayout
GetFontAssocStatus
GetDeviceCaps
GetDCOrgEx
GetCurrentPositionEx
GetCurrentObject
GetBitmapDimensionEx
GdiGetPageHandle
GdiGetDevmodeForPage
GdiGetCharDimensions
GdiDeleteSpoolFileHandle
GdiComment
FlattenPath
FONTOBJ_pxoGetXform
EngGetDriverName
EngCreateSemaphore
EngBitBlt
EngAcquireSemaphore
EndDoc
CreateMetaFileW
CreateFontIndirectW
CreateFontIndirectA
CreateDCA
CombineTransform
ChoosePixelFormat
CheckColorsInGamut
CLIPOBJ_bEnum
AnyLinkedFonts
GetStockObject
gdiPlaySpoolStream

comdlg32

ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
FindTextA
CommDlgExtendedError
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA
ReplaceTextW

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.set
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uuj
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8711c024c2cf432e8029b8cd92b75f42

Code Sign

0f:1d:b0:a6:2c:6d:d5:b2:47:86:46:85:24:2c:9b:18Certificate

Extended Key Usages

0d:97:ef:df:c9:b1:94:5a:b6:57:2f:78:30:46:7e:7d:e1:54:0d:e8Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

comdlg32

Sections

.text Size: 6KB - Virtual size: 6KB

.set Size: 19KB - Virtual size: 18KB

.uuj Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 152B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

0f:1d:b0:a6:2c:6d:d5:b2:47:86:46:85:24:2c:9b:18
Certificate

0d:97:ef:df:c9:b1:94:5a:b6:57:2f:78:30:46:7e:7d:e1:54:0d:e8
Signer

.text
Size: 6KB - Virtual size: 6KB

.set
Size: 19KB - Virtual size: 18KB

.uuj
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 152B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB