3613d12226009ec269a9072794fac79e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3613d12226009ec269a9072794fac79e_JaffaCakes118
Size

292KB
MD5

3613d12226009ec269a9072794fac79e
SHA1

75a1ed8e07e1531d7e283382df9f93d6e59c23b8
SHA256

6d33610cce386481d1d5d86d155f790af958d0a97b5dc9accc7f74357cf7b246
SHA512

2bf53e336305b678c49952b578a95cb8cd677868cb7a6dc2b446bae0779592fdec24c534d2d4034fc2646ecc72b369f4ccb098b21cbf51d3f9b2a69b831ba638
SSDEEP

6144:OXBlvdqWLqOK5/B5RyaynzgvGq6JhW7jQgtm0DTUtt:OXB/zL0/B5YzFHwtmL

Score

1^/10

Malware Config

Signatures

Files

3613d12226009ec269a9072794fac79e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3049c6c8c61f31733f57afa91aa73f29

Code Sign

55:58:79:8b:5b:cd:39:61:b0:28:04:21:04:86:2e:4a
Certificate

Issuer

CN=36262356236

Not Before

10/02/2012, 10:35

Not After

31/12/2039, 23:59

Subject

CN=36262356236

Extended Key Usages

ExtKeyUsageCodeSigning

95:81:4f:f3:c3:67:5d:02:72:ac:d4:0d:24:a7:3f:25:bb:07:e4:6d
Signer

Actual PE Digest

95:81:4f:f3:c3:67:5d:02:72:ac:d4:0d:24:a7:3f:25:bb:07:e4:6d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
lstrlenA
lstrcpyA
CreateFileA

user32

SetLastErrorEx
MessageBoxA
ChangeMenuW
IsRectEmpty
DefMDIChildProcW
CloseClipboard
GetListBoxInfo
SetFocus
InsertMenuW
GetWindowTextA
IsCharAlphaA
GetThreadDesktop
GetMenuContextHelpId
GetDesktopWindow
DestroyMenu
GetClassNameW
GetTabbedTextExtentW
GetMessageTime
MessageBeep
LoadKeyboardLayoutW
SetProcessWindowStation
InSendMessageEx
RegisterWindowMessageA
IsChild
CopyRect
DestroyWindow
FindWindowExW
WinHelpW
GrayStringA
GetCaretPos
RegisterDeviceNotificationA
RealGetWindowClass
SendMessageA
GetMenuCheckMarkDimensions
CreateWindowExW
GetIconInfo
wvsprintfW
ValidateRect
InflateRect
LoadCursorFromFileA
DefFrameProcA
LoadKeyboardLayoutA
CopyIcon
DdeFreeDataHandle
OemToCharA
DialogBoxParamA
SetWindowWord
RemoveMenu
DdeGetLastError
GetMenu
CreateCaret
GetMessageA
GetDoubleClickTime
SendIMEMessageExW
CascadeChildWindows
GetKeyboardLayoutNameW
EndDeferWindowPos
SetCapture
ChangeDisplaySettingsW
DdeClientTransaction
wvsprintfA
GetTabbedTextExtentA
SetDeskWallpaper
UnionRect
GetWindowRect
GetSysColorBrush
IsDialogMessageA
BroadcastSystemMessage
TabbedTextOutW
CreateDialogParamA
DdeAccessData
RegisterClipboardFormatA
ScrollDC
CreateAcceleratorTableW
KillTimer
SendMessageTimeoutA
SetWindowsHookExA
ChangeDisplaySettingsExA
SetScrollInfo
OemKeyScan
HideCaret
EnumThreadWindows
MessageBoxIndirectA
DrawMenuBar
CreateDialogIndirectParamA
EnumWindowStationsA
DdeInitializeW
GetMouseMovePointsEx
ValidateRgn
GetWindowTextW
GetClassNameA
DestroyIcon
ClipCursor
GetWindowModuleFileName

comdlg32

ReplaceTextW
FindTextA
ChooseColorA
GetFileTitleW
GetSaveFileNameA
PrintDlgExW
PrintDlgExA
GetOpenFileNameA
GetSaveFileNameW
PrintDlgW
GetOpenFileNameW
PageSetupDlgA
ChooseColorW
CommDlgExtendedError
ChooseFontA
ReplaceTextA
FindTextW
PrintDlgA
ChooseFontW
GetFileTitleA
PageSetupDlgW

comctl32

ImageList_Draw
ImageList_EndDrag
ImageList_GetIcon
DrawStatusText
ord16
ord5
ImageList_Create
ImageList_Add
ImageList_SetBkColor
InitializeFlatSB
CreatePropertySheetPage
FlatSB_EnableScrollBar
ImageList_DragLeave
ord13
ImageList_BeginDrag
ImageList_DrawEx
ImageList_SetFilter
InitCommonControlsEx
GetMUILanguage
FlatSB_GetScrollProp
ImageList_GetImageInfo
FlatSB_GetScrollRange
ImageList_AddIcon
ord3
ImageList_GetBkColor
ImageList_DragMove
ImageList_SetImageCount
ImageList_SetOverlayImage
InitMUILanguage
ImageList_Copy
ImageList_LoadImageA
CreatePropertySheetPageA
ImageList_Replace
CreateToolbarEx
ImageList_SetIconSize
ImageList_GetDragImage
ImageList_DragEnter
ImageList_LoadImage
ImageList_Write
ord8
FlatSB_SetScrollRange
FlatSB_GetScrollInfo
CreatePropertySheetPageW
ImageList_DrawIndirect
ord4
PropertySheetW
ImageList_Duplicate
ImageList_GetImageRect
FlatSB_SetScrollInfo
ImageList_AddMasked
DrawStatusTextW
ImageList_Destroy

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textF
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textF1
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.texth
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3049c6c8c61f31733f57afa91aa73f29

Code Sign

55:58:79:8b:5b:cd:39:61:b0:28:04:21:04:86:2e:4aCertificate

Extended Key Usages

95:81:4f:f3:c3:67:5d:02:72:ac:d4:0d:24:a7:3f:25:bb:07:e4:6dSigner

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

comctl32

Sections

.text Size: 3KB - Virtual size: 3KB

.textF Size: 1024B - Virtual size: 1000B

.textF1 Size: 273KB - Virtual size: 273KB

.texth Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

55:58:79:8b:5b:cd:39:61:b0:28:04:21:04:86:2e:4a
Certificate

95:81:4f:f3:c3:67:5d:02:72:ac:d4:0d:24:a7:3f:25:bb:07:e4:6d
Signer

.text
Size: 3KB - Virtual size: 3KB

.textF
Size: 1024B - Virtual size: 1000B

.textF1
Size: 273KB - Virtual size: 273KB

.texth
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB