31141c247da9a02ac0c11177bf181698_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

31141c247da9a02ac0c11177bf181698_JaffaCakes118
Size

277KB
MD5

31141c247da9a02ac0c11177bf181698
SHA1

45f907898f33b32380ea632df8f5b686ac0f922d
SHA256

3f55b7c2261d31e29fc84c7925ad622f3add1574aeee0cac53ee38b34f633064
SHA512

39d79144d3027a0406b3ffa5066b07a0d66d8efe5dcb18c13246e29a7d329de64827aab31891ba5699b28655179219cedb30b37d5a07a46af963801a9d9cff81
SSDEEP

6144:NE4bPG6rzysDrwsSSY+krD77q3UwQi72QCAEzo:NEo+TkrwsSSYxn77OUZi7rCTo

Score

1^/10

Malware Config

Signatures

Files

31141c247da9a02ac0c11177bf181698_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e679f6f915c593df35657cd3b4f920e

Code Sign

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6a
Certificate

Issuer

CN=SDOkUGUnMWwv

Not Before

15-03-2012 10:39

Not After

31-12-2039 23:59

Subject

CN=SDOkUGUnMWwv

Extended Key Usages

ExtKeyUsageCodeSigning

f4:2c:21:16:f9:31:08:73:c0:5f:14:0c:1a:9e:81:db:66:cd:7d:43
Signer

Actual PE Digest

f4:2c:21:16:f9:31:08:73:c0:5f:14:0c:1a:9e:81:db:66:cd:7d:43

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetWindowsDirectoryA
lstrlenA
lstrcpyA
VirtualAlloc
SetEnvironmentVariableA
WaitNamedPipeA
DeleteFileW
GetLongPathNameA
OpenFileMappingA
GetNumberFormatA
SetComputerNameExA
LoadLibraryA
RaiseException
SetConsoleCtrlHandler
GetCommProperties
SetCalendarInfoW
GetStartupInfoA
CreateWaitableTimerW
CreateIoCompletionPort
FindNextVolumeW
GetConsoleScreenBufferInfo
SetLocaleInfoW
GetThreadLocale
CreateDirectoryExW
SearchPathA
GetLongPathNameW
BindIoCompletionCallback
DeleteTimerQueueTimer
GetConsoleAliasExesW
GetComputerNameExW
GetProcessHeaps
GetCommConfig
PulseEvent
Thread32First
Heap32ListNext
ReadProcessMemory
GetProcessVersion
QueryDosDeviceA
ClearCommError
ExpandEnvironmentStringsA
_lclose
EnumCalendarInfoExA
lstrcmpA
AddConsoleAliasA
TerminateProcess
GetLocaleInfoA
VirtualFreeEx
GetTempPathW
SetErrorMode
OpenEventA
Heap32ListFirst
GetFileSizeEx
FatalAppExitW
CreateConsoleScreenBuffer
GetSystemDirectoryA
InitializeCriticalSection
ReadConsoleOutputCharacterW
FatalAppExitA
OpenFileMappingW
GenerateConsoleCtrlEvent
SetMailslotInfo
GetModuleFileNameA
GetProfileStringA
VerifyVersionInfoW
GetPrivateProfileIntW
GetProcessAffinityMask
MapViewOfFile
FormatMessageW
ExitProcess
CopyFileW
Toolhelp32ReadProcessMemory
lstrcpyW
GlobalMemoryStatus
WriteConsoleOutputW
EnumTimeFormatsA
VirtualUnlock
GetTickCount
GetWriteWatch
FindFirstVolumeW
GetConsoleAliasW
GetTempFileNameA
FindVolumeMountPointClose
TransmitCommChar
FreeEnvironmentStringsA
GetProcessShutdownParameters
WaitCommEvent
GetDateFormatA
CreateSemaphoreA
GetSystemWindowsDirectoryA
WriteConsoleOutputAttribute
WriteFileEx
SearchPathW
SetFileApisToOEM
LoadLibraryExA
WaitForMultipleObjectsEx
SetStdHandle
ReadConsoleW
FileTimeToSystemTime
BeginUpdateResourceW
FindClose

user32

SetDebugErrorLevel
GetWindowPlacement
AdjustWindowRect
DrawTextA
GetMenuInfo
IMPQueryIMEA
CreateMenu
InvalidateRect
GetForegroundWindow
SetSysColors
SwapMouseButton
DestroyCaret
EmptyClipboard
SetPropW
GetClassInfoExW
CallMsgFilterW
DialogBoxParamA
DrawTextExW
TrackPopupMenu
BeginPaint
IsDialogMessageA
LoadCursorFromFileA
ShowOwnedPopups
DialogBoxIndirectParamW
GetAltTabInfoW
MenuItemFromPoint
WINNLSGetEnableStatus
ImpersonateDdeClientWindow
MessageBoxA
CreateMDIWindowW
OemToCharW
LoadCursorW
TrackMouseEvent
DialogBoxParamW
CascadeWindows
IsCharLowerW
DefFrameProcA
GetNextDlgTabItem
DdeSetQualityOfService
EnumDisplaySettingsExA
GetInputState
SetDlgItemTextA
InvalidateRgn
DefWindowProcA
InSendMessageEx
GetScrollPos
CharNextW
PostQuitMessage
SetMenuItemInfoW
SetMessageQueue
DdeDisconnectList
MapDialogRect
GetMenuItemInfoW
GetCursorPos
ExcludeUpdateRgn
SetLayeredWindowAttributes
DdeCreateDataHandle
MessageBoxIndirectA
UpdateWindow
CharNextExA
SetRectEmpty
SubtractRect
ScrollWindow
CreateWindowStationA
GrayStringA
EnumWindows
FindWindowExA
UpdateLayeredWindow
ModifyMenuW
EndTask
NotifyWinEvent
ReuseDDElParam
GetUpdateRect
PeekMessageW
MessageBoxIndirectW
SetActiveWindow
IsWindowEnabled
PostThreadMessageW
WINNLSGetIMEHotkey
CopyAcceleratorTableA
MapVirtualKeyExA
OpenClipboard
PostThreadMessageA
SetShellWindow
IsClipboardFormatAvailable
DrawFrame
RemovePropA
GetWindow
GetKeyState

comdlg32

GetFileTitleW
ChooseFontW
PageSetupDlgA
ChooseColorA
ChooseColorW
PageSetupDlgW
FindTextA
GetSaveFileNameA
GetSaveFileNameW
PrintDlgA
PrintDlgExA
PrintDlgW
GetOpenFileNameW
GetOpenFileNameA
ReplaceTextW
FindTextW
ReplaceTextA
PrintDlgExW
CommDlgExtendedError
GetFileTitleA
ChooseFontA

advapi32

RegOpenKeyExW

shell32

Shell_NotifyIconA
SHBrowseForFolderA
SHFreeNameMappings
SHGetFolderPathA
SHGetMalloc
SHQueryRecycleBinA
ExtractIconEx
ShellAboutW
SHQueryRecycleBinW
ShellExecuteW
FindExecutableA
SHGetInstanceExplorer
ShellExecuteA
SHGetFileInfoA
DragQueryFileW
SHPathPrepareForWriteA
ExtractIconA
ShellHookProc
SHInvokePrinterCommandA
SHGetSettings
SHGetDiskFreeSpaceExW
ShellExecuteEx
SHGetDiskFreeSpaceExA
SHCreateDirectoryExW
DragQueryPoint
DragQueryFileAorW
ShellExecuteExA
SHGetDiskFreeSpaceA
SHGetPathFromIDList
SHIsFileAvailableOffline
CheckEscapesW
SHGetPathFromIDListW
WOWShellExecute
ExtractIconExA
FindExecutableW
SHFileOperationA
SHEmptyRecycleBinA
SHFileOperation
SHGetFolderPathW
DragQueryFile
SHGetIconOverlayIndexW
DuplicateIcon
ExtractAssociatedIconA
SHBrowseForFolder
SHGetSpecialFolderPathW
DoEnvironmentSubstA
ShellAboutA
DoEnvironmentSubstW
SHEmptyRecycleBinW
ExtractAssociatedIconExW
DragFinish
SHLoadInProc
ShellExecuteExW
SHPathPrepareForWriteW
ExtractAssociatedIconW
SHGetSpecialFolderPathA

shlwapi

StrRStrIW
StrRChrW
StrRChrIW
StrRStrIA
StrStrIW
StrRChrA
StrChrW
StrStrA
StrCmpNIA
StrRChrIA
StrChrA
StrChrIW

comctl32

FlatSB_EnableScrollBar
FlatSB_GetScrollPos
ImageList_Read
ImageList_Write
PropertySheet
ImageList_Create
CreateToolbarEx
ImageList_AddIcon
ImageList_AddMasked
ord3
ord16
ImageList_ReplaceIcon
ImageList_LoadImageA
GetMUILanguage
FlatSB_GetScrollProp
FlatSB_SetScrollPos
ImageList_SetDragCursorImage
ImageList_GetImageCount
FlatSB_SetScrollInfo
ord14
FlatSB_GetScrollInfo
ord6
ImageList_GetBkColor
ImageList_DragLeave
ord2
FlatSB_SetScrollProp
ImageList_DrawIndirect
ImageList_Add
InitMUILanguage
ImageList_Merge
ImageList_DrawEx
CreatePropertySheetPage
ImageList_LoadImage
PropertySheetA
ImageList_GetImageInfo
ImageList_DragMove
ImageList_DragShowNolock
ImageList_GetImageRect
ImageList_SetBkColor
ImageList_GetDragImage
CreatePropertySheetPageA
ImageList_SetOverlayImage
ord8
ImageList_GetIcon
ImageList_BeginDrag
ImageList_Remove
ImageList_EndDrag
DrawStatusText
ImageList_Draw
CreatePropertySheetPageW
FlatSB_ShowScrollBar
ImageList_LoadImageW
ord17
ImageList_Replace
ImageList_DragEnter
ImageList_SetImageCount
CreateStatusWindow

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

d2
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e679f6f915c593df35657cd3b4f920e

Code Sign

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6aCertificate

Extended Key Usages

f4:2c:21:16:f9:31:08:73:c0:5f:14:0c:1a:9e:81:db:66:cd:7d:43Signer

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

shlwapi

comctl32

Sections

.text Size: 4KB - Virtual size: 3KB

d2 Size: 258KB - Virtual size: 257KB

.data Size: 9KB - Virtual size: 9KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6a
Certificate

f4:2c:21:16:f9:31:08:73:c0:5f:14:0c:1a:9e:81:db:66:cd:7d:43
Signer

.text
Size: 4KB - Virtual size: 3KB

d2
Size: 258KB - Virtual size: 257KB

.data
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB