35a9bd0b5937029f882308356bbcdfa4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

35a9bd0b5937029f882308356bbcdfa4_JaffaCakes118
Size

55KB
MD5

35a9bd0b5937029f882308356bbcdfa4
SHA1

36a2d9a5e01653e0be698fc098ea973db52cab13
SHA256

9b7e6b1875ba64cc6e743538c2a611a6da110aaaab73a23ef26a738557d6acc8
SHA512

dd8b90fdc7da50e988e9a939382ade2d4651adce0446873abc39b82a0b02daec03c971da712d88131f5ca0fc785d76afdd0da246bbc6eb8f2f3db66e914a379e
SSDEEP

1536:gH+zzrjSIvHmtjJo1Wr2opQ5zWErdI8RQmZhyBiSFaQt:O+zvtO1CoPpg/K8RQkyBiSFaQt

Score

1^/10

Malware Config

Signatures

Files

35a9bd0b5937029f882308356bbcdfa4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf2d41002f6ed63c194f3e5fbd7399bb

Code Sign

5a:9e:b3:65:ce:d2:dc:4a:b8:18:06:e0:1b:eb:e0:a1
Certificate

Issuer

CN=UD48SN2pZFYF

Not Before

13/03/2012, 06:18

Not After

31/12/2039, 23:59

Subject

CN=UD48SN2pZFYF

Extended Key Usages

ExtKeyUsageCodeSigning

67:90:31:52:de:63:2a:b7:b2:d2:be:7c:e1:ae:66:1e:61:7b:6a:d4
Signer

Actual PE Digest

67:90:31:52:de:63:2a:b7:b2:d2:be:7c:e1:ae:66:1e:61:7b:6a:d4

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
GetComputerNameA

user32

GrayStringA
RegisterClassA
SetCaretPos
DdeDisconnectList
GetSysColor
OpenClipboard
LockWindowUpdate
SetWindowPos
wsprintfW
IsRectEmpty
SetDebugErrorLevel
SetKeyboardState
DialogBoxParamW
DdeReconnect
mouse_event
LookupIconIdFromDirectory
GetWindowTextA
GetForegroundWindow
GetClipboardData
AllowSetForegroundWindow
EmptyClipboard
DdeConnect
GetDesktopWindow
SendIMEMessageExA
InsertMenuItemW
TabbedTextOutA
GetClassNameW
DdeImpersonateClient
BroadcastSystemMessageA
CharUpperBuffW
EnumDisplaySettingsExW
EnumPropsA
DestroyIcon
FindWindowExA
MessageBoxW
DdeUnaccessData
GetUserObjectSecurity
wvsprintfA
LoadStringA
GetWindowRgn
GetMenuDefaultItem
EditWndProc
UnionRect
GetMenuBarInfo
SetCursorPos
GetPriorityClipboardFormat
LoadStringW
GetNextDlgGroupItem
CharLowerW
GetMessagePos
GetMenuCheckMarkDimensions
GetDC
BlockInput
SendMessageW
IsWindowUnicode
NotifyWinEvent
GetDlgItemTextW
DrawTextExW
ReplyMessage
EnumWindows
SetUserObjectInformationA
AnyPopup
GetProcessWindowStation
CloseClipboard
OpenWindowStationA
FillRect
VkKeyScanA
GetKeyboardLayoutNameW
IMPGetIMEW
TrackMouseEvent
DispatchMessageA
CopyAcceleratorTableW
DrawCaption
SetPropA
IsDialogMessageW
ArrangeIconicWindows
EnumDisplayMonitors
UnhookWindowsHookEx
LoadIconA

comdlg32

PageSetupDlgA
ChooseFontA
GetOpenFileNameA
PrintDlgExW
ReplaceTextA
GetFileTitleW
ReplaceTextW
ChooseColorA
PrintDlgA
FindTextA
FindTextW
GetFileTitleA
GetSaveFileNameW
PageSetupDlgW
ChooseFontW
PrintDlgW
ChooseColorW
GetSaveFileNameA
CommDlgExtendedError
GetOpenFileNameW
PrintDlgExA

advapi32

RegOpenKeyExA
RegQueryValueExA

shlwapi

StrTrimW
PathGetArgsA
PathUndecorateW
SHRegGetPathW
StrChrIW
PathRemoveArgsW
SHDeleteEmptyKeyA
UrlUnescapeW
SHRegDeleteEmptyUSKeyA
SHRegQueryInfoUSKeyW
UrlIsOpaqueW
StrDupW
PathSkipRootA
StrCmpIW
IntlStrEqWorkerW
StrStrIW
PathRemoveExtensionW
SHQueryValueExW
StrIsIntlEqualA
ord16
SHDeleteEmptyKeyW
PathCreateFromUrlW
PathIsDirectoryEmptyA
PathUnquoteSpacesA
PathIsUNCServerA
SHRegGetUSValueW
ChrCmpIW
PathCommonPrefixW
PathRemoveArgsA
PathCombineW
PathIsURLW
SHEnumKeyExA
PathIsSystemFolderW
StrCSpnA
SHRegOpenUSKeyW
PathIsUNCServerW
PathRemoveExtensionA
PathSkipRootW
PathStripToRootA
SHIsLowMemoryMachine
PathCanonicalizeW
UrlUnescapeA
PathGetArgsW
UrlApplySchemeW
PathCommonPrefixA
PathIsRelativeW
SHQueryInfoKeyA
UrlCreateFromPathA
SHEnumValueA
wnsprintfA
PathIsNetworkPathW
PathIsURLA
AssocQueryStringW
PathRenameExtensionA
SHSetValueA
SHRegEnumUSKeyA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW
VerQueryValueA
VerQueryValueW

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dd
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf2d41002f6ed63c194f3e5fbd7399bb

Code Sign

5a:9e:b3:65:ce:d2:dc:4a:b8:18:06:e0:1b:eb:e0:a1Certificate

Extended Key Usages

67:90:31:52:de:63:2a:b7:b2:d2:be:7c:e1:ae:66:1e:61:7b:6a:d4Signer

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shlwapi

version

Sections

.text Size: 3KB - Virtual size: 3KB

.dd Size: 41KB - Virtual size: 40KB

.data Size: 5KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 960B

5a:9e:b3:65:ce:d2:dc:4a:b8:18:06:e0:1b:eb:e0:a1
Certificate

67:90:31:52:de:63:2a:b7:b2:d2:be:7c:e1:ae:66:1e:61:7b:6a:d4
Signer

.text
Size: 3KB - Virtual size: 3KB

.dd
Size: 41KB - Virtual size: 40KB

.data
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 960B