346c4734c19e3025829588a892327833_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

346c4734c19e3025829588a892327833_JaffaCakes118
Size

288KB
MD5

346c4734c19e3025829588a892327833
SHA1

e5f60082ba7304abbee46f56740a931186f3932c
SHA256

cdbd0a230230f2476b37f28c9696ed136354fd503016a316ec624a2cfb5712bc
SHA512

70431cee903aeb0deb7bc4db38d04f5ca63877d3519b59223f41729a32c1b920fcae6b48fbb3851db0f4aaa339f3fa5029ecd8443734797c044f32759ae3f5a9
SSDEEP

6144:HKjBzsuDVxMG3lyUqqLSwAohoRacwu5z469o0vZXbWsl7LR:eNsGV5z9A3REh0l/l7t

Score

1^/10

Malware Config

Signatures

Files

346c4734c19e3025829588a892327833_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87fe56bbce50b82b59b075d82b50741b

Code Sign

70:e7:24:0e:9c:31:68:6c:b8:90:13:5d:55:bb:50:47
Certificate

Issuer

CN=62esgfdgs

Not Before

23-02-2012 09:44

Not After

31-12-2039 23:59

Subject

CN=62esgfdgs

Extended Key Usages

ExtKeyUsageCodeSigning

d8:8f:5d:92:a7:b3:2d:6f:41:c5:a7:55:16:55:d7:74:a0:4c:56:12
Signer

Actual PE Digest

d8:8f:5d:92:a7:b3:2d:6f:41:c5:a7:55:16:55:d7:74:a0:4c:56:12

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrlenW
lstrcpyW
CreateFileW
VirtualAlloc
GetEnvironmentVariableA
WaitForSingleObject
GetStdHandle
GetNumberOfConsoleInputEvents
OpenWaitableTimerW
VirtualUnlock
ExpandEnvironmentStringsA
GetCurrentDirectoryW
ResumeThread
Heap32ListFirst
SetFilePointer
lstrcat
DeleteFileW
RtlZeroMemory
CreateJobObjectA
TlsSetValue
FindResourceW
SetSystemTime
SetThreadLocale
LocalShrink
LocalLock
SetConsoleScreenBufferSize
TransmitCommChar
FindResourceExA
GetProfileSectionA
TlsAlloc
GlobalFix
MultiByteToWideChar
MoveFileWithProgressA
GetConsoleOutputCP
HeapFree
lstrcpynW
WriteConsoleOutputCharacterA
GetSystemInfo
OpenJobObjectW
WriteProfileStringA
GetPrivateProfileSectionNamesW
SetupComm
CancelIo
SetMessageWaitingIndicator
GlobalAddAtomW
SetConsoleCP
WaitForDebugEvent
GetProcessTimes
GetSystemWindowsDirectoryA
QueryPerformanceCounter
GetEnvironmentVariableW
SetComputerNameW
SearchPathA
IsBadHugeReadPtr
VerLanguageNameW
TerminateProcess
DefineDosDeviceW
FindNextFileA
SetThreadIdealProcessor
GetFileSize
GetUserDefaultLangID
VerifyVersionInfoA
CancelDeviceWakeupRequest
SetInformationJobObject
SwitchToThread
GetFileAttributesW
SystemTimeToFileTime
WritePrivateProfileStringW
GetThreadSelectorEntry
FindCloseChangeNotification
OpenMutexW
GetComputerNameExA
GetPrivateProfileStringA
GetSystemTimeAdjustment
FindFirstVolumeW
DosDateTimeToFileTime
GetProfileIntW
GetCurrentProcess
CreateEventW
ReadProcessMemory
GetCommandLineA
Module32NextW
GetLogicalDriveStringsA
GlobalDeleteAtom
OpenProcess
CreateFiber
FindFirstChangeNotificationA
ReadConsoleOutputAttribute
DeleteCriticalSection
GetAtomNameW
SetConsoleTitleW
QueryPerformanceFrequency
lstrcatA
DisconnectNamedPipe
WriteFileEx
GetProcessWorkingSetSize
GetPrivateProfileStringW
VerSetConditionMask
GetDiskFreeSpaceW
FindClose
lstrcmpA
GetLargestConsoleWindowSize
ContinueDebugEvent
GetPrivateProfileIntW
DeleteVolumeMountPointW
GetTempPathA
DisableThreadLibraryCalls
SwitchToFiber
OpenFile
MoveFileExW
CreateDirectoryExW
ResetWriteWatch
EnumResourceNamesW
GetLocalTime
GetExitCodeThread
SetConsoleTitleA
FindAtomW
lstrcpynA
GlobalFindAtomA
GetStringTypeA
SetThreadPriorityBoost
GetThreadTimes
GlobalFindAtomW
SetTapePosition
_lclose
InitializeCriticalSectionAndSpinCount
CopyFileW
GetConsoleDisplayMode
EnumSystemLanguageGroupsW
CreateHardLinkA
FoldStringA
ReplaceFile
GetCommTimeouts
GenerateConsoleCtrlEvent
WriteConsoleInputA
CreateConsoleScreenBuffer
RemoveDirectoryA
GetWriteWatch

advapi32

RegOpenKeyExW

comctl32

ImageList_GetIcon
ImageList_LoadImage
ord14
ImageList_SetBkColor
FlatSB_SetScrollPos
ord16
ImageList_GetImageRect
ord3
ord13
CreatePropertySheetPageW
ImageList_Copy
InitMUILanguage
ImageList_BeginDrag
FlatSB_SetScrollProp
InitializeFlatSB
ImageList_Write
ImageList_ReplaceIcon
ImageList_SetImageCount
PropertySheetW
ImageList_SetFilter
CreateStatusWindow
ImageList_GetDragImage
PropertySheet
ImageList_AddMasked
DrawStatusTextW
ord6
PropertySheetA
DestroyPropertySheetPage
ImageList_Create
CreateToolbarEx
ImageList_Destroy
ImageList_Read
FlatSB_GetScrollInfo
FlatSB_GetScrollRange
DrawStatusText
ImageList_GetIconSize
ImageList_GetImageCount
CreatePropertySheetPage
ImageList_SetIconSize
CreatePropertySheetPageA
ord15
ImageList_Duplicate
ImageList_SetOverlayImage
ImageList_EndDrag
ImageList_Merge
FlatSB_ShowScrollBar
ImageList_DragMove
ImageList_Add
ord5
ord17
FlatSB_SetScrollInfo
ImageList_DrawIndirect
ImageList_Remove
UninitializeFlatSB
ImageList_DragLeave
FlatSB_SetScrollRange
ImageList_DragEnter
GetMUILanguage
ImageList_LoadImageW
ImageList_Replace
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_DrawEx
ord4
ImageList_DragShowNolock
ImageList_SetDragCursorImage
ord7
ord2
FlatSB_GetScrollProp

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text11
Size: 263KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text12
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textH3
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH4
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH1
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH5
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH6
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH7
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH8
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH9
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH10
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87fe56bbce50b82b59b075d82b50741b

Code Sign

70:e7:24:0e:9c:31:68:6c:b8:90:13:5d:55:bb:50:47Certificate

Extended Key Usages

d8:8f:5d:92:a7:b3:2d:6f:41:c5:a7:55:16:55:d7:74:a0:4c:56:12Signer

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

Sections

.text Size: 4KB - Virtual size: 3KB

.text11 Size: 263KB - Virtual size: 263KB

.text12 Size: 2KB - Virtual size: 1KB

.textH3 Size: 512B - Virtual size: 500B

.textH4 Size: 512B - Virtual size: 500B

.textH1 Size: 512B - Virtual size: 500B

.textH5 Size: 512B - Virtual size: 500B

.textH6 Size: 512B - Virtual size: 500B

.textH7 Size: 512B - Virtual size: 500B

.textH8 Size: 512B - Virtual size: 500B

.textH9 Size: 512B - Virtual size: 500B

.textH10 Size: 512B - Virtual size: 500B

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

70:e7:24:0e:9c:31:68:6c:b8:90:13:5d:55:bb:50:47
Certificate

d8:8f:5d:92:a7:b3:2d:6f:41:c5:a7:55:16:55:d7:74:a0:4c:56:12
Signer

.text
Size: 4KB - Virtual size: 3KB

.text11
Size: 263KB - Virtual size: 263KB

.text12
Size: 2KB - Virtual size: 1KB

.textH3
Size: 512B - Virtual size: 500B

.textH4
Size: 512B - Virtual size: 500B

.textH1
Size: 512B - Virtual size: 500B

.textH5
Size: 512B - Virtual size: 500B

.textH6
Size: 512B - Virtual size: 500B

.textH7
Size: 512B - Virtual size: 500B

.textH8
Size: 512B - Virtual size: 500B

.textH9
Size: 512B - Virtual size: 500B

.textH10
Size: 512B - Virtual size: 500B

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB