2a82b570c1d4d4f2b1afab740f38dffa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a82b570c1d4d4f2b1afab740f38dffa_JaffaCakes118
Size

131KB
MD5

2a82b570c1d4d4f2b1afab740f38dffa
SHA1

1757fca94ab0afdb927c55a629b70a118134659d
SHA256

496f2099048f73a15a8b53dd502b94e4897b0d78860b48f15792b94d893f3f97
SHA512

a7c44629b10cae731657c0c764c99f2bf8b1b3fbf2a17ff01e5e662cfd36ade227484d399c71f318de3b7d8dd87c3911e5429f8e43f003243bf6e17ee94772e2
SSDEEP

3072:posTIcJ0kEAXrRt8x6o7Piv2Piv2Piv2Piv:asP0kp2ppp

Score

1^/10

Malware Config

Signatures

Files

2a82b570c1d4d4f2b1afab740f38dffa_JaffaCakes118
.dll windows:5 windows x86 arch:x86

929ebce196ba54f4b5beea260eb08c24

Code Sign

40:63:aa:a3:eb:98:8e:6e:b2:9a:f7:9e:a0:c1:93:33
Certificate

Issuer

CN=erqwerqwert23623

Not Before

05/03/2012, 06:09

Not After

31/12/2039, 23:59

Subject

CN=erqwerqwert23623

Extended Key Usages

ExtKeyUsageCodeSigning

7b:66:85:d6:a3:ca:4b:79:3f:a6:59:36:6a:eb:00:84:47:b6:0a:29
Signer

Actual PE Digest

7b:66:85:d6:a3:ca:4b:79:3f:a6:59:36:6a:eb:00:84:47:b6:0a:29

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedCompareExchange
GetCommState
lstrcpyA
lstrlenA
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
CreateFileA
VirtualAlloc

user32

AnyPopup
AppendMenuA
ArrangeIconicWindows
ChangeDisplaySettingsExA
ChangeDisplaySettingsExW
ChangeDisplaySettingsW
CharUpperA
ChildWindowFromPointEx
ClipCursor
CreateDialogIndirectParamA
CreateMenu
CreatePopupMenu
DdeAddData
DdeConnectList
DdeGetData
DefMDIChildProcW
DefWindowProcA
DeregisterShellHookWindow
DialogBoxIndirectParamW
DlgDirSelectComboBoxExA
DragObject
DrawAnimatedRects
DrawCaption
DrawFrame
DrawMenuBar
DrawStateW
DrawTextA
DrawTextW
EnableMenuItem
EndMenu
EndPaint
EnumDisplaySettingsA
EnumDisplaySettingsW
EnumPropsExW
FlashWindowEx
FreeDDElParam
GetAncestor
GetClassLongW
GetClassNameW
GetClipboardSequenceNumber
GetClipboardViewer
GetDCEx
GetDlgItemInt
GetKeyNameTextW
GetKeyboardState
GetMenuItemInfoA
GetMenuStringA
GetScrollBarInfo
GetTitleBarInfo
GetWindowRect
GetWindowTextW
GetWindowWord
HiliteMenuItem
InSendMessage
InSendMessageEx
InsertMenuItemA
InvalidateRect
IsCharAlphaA
IsCharUpperA
IsClipboardFormatAvailable
LoadBitmapW
LoadMenuIndirectW
LockSetForegroundWindow
LookupIconIdFromDirectory
MessageBoxExW
MoveWindow
OemToCharBuffA
OpenIcon
PostQuitMessage
RealGetWindowClass
RegisterWindowMessageA
RemovePropW
ScrollDC
SendNotifyMessageW
SetCapture
SetClipboardData
SetCursorPos
SetDebugErrorLevel
SetDeskWallpaper
SetDlgItemInt
SetDlgItemTextA
SetDoubleClickTime
SetMenuInfo
SetProcessDefaultLayout
SetProcessWindowStation
SetPropA
SetShellWindow
SetUserObjectInformationA
SetWindowContextHelpId
SetWindowsHookExW
ShowOwnedPopups
SwapMouseButton
ToUnicodeEx
UnregisterDeviceNotification

ole32

CLSIDFromProgIDEx
CoAddRefServerProcess
CoBuildVersion
CoDeactivateObject
CoDisableCallCancellation
CoEnableCallCancellation
CoFileTimeNow
CoFreeAllLibraries
CoFreeUnusedLibraries
CoGetClassObject
CoGetInstanceFromIStorage
CoGetInterfaceAndReleaseStream
CoGetStdMarshalEx
CoGetTreatAsClass
CoInitializeEx
CoInitializeSecurity
CoMarshalHresult
CoQueryAuthenticationServices
CoQueryReleaseObject
CoReactivateObject
CoRegisterClassObject
CoRegisterPSClsid
CoRegisterSurrogateEx
CoResumeClassObjects
CoRevokeClassObject
CoRevokeMallocSpy
CoSetCancelObject
CoSetProxyBlanket
CoTaskMemFree
CreateBindCtx
CreateDataAdviseHolder
CreateFileMoniker
CreateGenericComposite
CreateItemMoniker
DcomChannelSetHResult
DllDebugObjectRPCHook
DllGetClassObjectWOW
GetHGlobalFromStream
HBRUSH_UserFree
HDC_UserMarshal
HENHMETAFILE_UserFree
HGLOBAL_UserUnmarshal
HICON_UserMarshal
HMETAFILEPICT_UserFree
HMETAFILEPICT_UserMarshal
HMETAFILE_UserFree
HMETAFILE_UserMarshal
HWND_UserSize
IsAccelerator
MkParseDisplayName
MonikerRelativePathTo
OleConvertOLESTREAMToIStorageEx
OleCreateFromFile
OleCreateLink
OleCreateLinkFromDataEx
OleCreateLinkToFileEx
OleCreateMenuDescriptor
OleCreateStaticFromData
OleGetClipboard
OleIsRunning
OleLockRunning
OleNoteObjectVisible
OleRegEnumVerbs
OleRegGetUserType
OleSave
OleSetContainedObject
OleSetMenuDescriptor
PropVariantCopy
ReadClassStm
ReadOleStg
SNB_UserMarshal
STGMEDIUM_UserMarshal
StgCreateDocfile
StgCreateDocfileOnILockBytes
StgIsStorageFile
StgOpenPropStg
StringFromGUID2
StringFromIID
UtConvertDvtd32toDvtd16
UtGetDvtd16Info
UtGetDvtd32Info
WriteStringStream

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

929ebce196ba54f4b5beea260eb08c24

Code Sign

40:63:aa:a3:eb:98:8e:6e:b2:9a:f7:9e:a0:c1:93:33Certificate

Extended Key Usages

7b:66:85:d6:a3:ca:4b:79:3f:a6:59:36:6a:eb:00:84:47:b6:0a:29Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 980B

.text Size: 18KB - Virtual size: 18KB

.text2 Size: 1024B - Virtual size: 800B

.rsrc Size: 98KB - Virtual size: 98KB

.reloc Size: 1KB - Virtual size: 1KB

40:63:aa:a3:eb:98:8e:6e:b2:9a:f7:9e:a0:c1:93:33
Certificate

7b:66:85:d6:a3:ca:4b:79:3f:a6:59:36:6a:eb:00:84:47:b6:0a:29
Signer

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 980B

.text
Size: 18KB - Virtual size: 18KB

.text2
Size: 1024B - Virtual size: 800B

.rsrc
Size: 98KB - Virtual size: 98KB

.reloc
Size: 1KB - Virtual size: 1KB