3605d6395f6e012c8d13a9d922c98163_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3605d6395f6e012c8d13a9d922c98163_JaffaCakes118
Size

24KB
MD5

3605d6395f6e012c8d13a9d922c98163
SHA1

3f267c0c02ebf7ece04e105e6e552458ca7264d8
SHA256

a47cad67d3931ea24b5dfe18b77b22e24446f78b6c6387323ff64a0bcef51538
SHA512

8449ea494cd5bf270f4a53764af255c64bec50ec5664d82c076b7ec13871f50428613985a69d05d3c01caa03d49404c997cc00cfb094a3f2af8cbbb88a9180dc
SSDEEP

384:9k1IY1Z8Ln8DjOS2m5vSlljEADRZmcZQrQkCXsL25pHJahh4WWieZW8b:9k1v8j+H26vQDRAcZwQkVqrHJahhdep

Score

1^/10

Malware Config

Signatures

Files

3605d6395f6e012c8d13a9d922c98163_JaffaCakes118
.exe windows:5 windows x86 arch:x86

72131cbd13137b692b87ec16e067044d

Code Sign

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aa
Certificate

Issuer

CN=yprYsj1KNRia

Not Before

12-03-2012 12:03

Not After

31-12-2039 23:59

Subject

CN=yprYsj1KNRia

Extended Key Usages

ExtKeyUsageCodeSigning

57:93:23:bc:01:2b:35:fb:4e:b3:68:0e:6e:13:e0:ba:e2:2f:38:b8
Signer

Actual PE Digest

57:93:23:bc:01:2b:35:fb:4e:b3:68:0e:6e:13:e0:ba:e2:2f:38:b8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrcpyn
lstrcpyA
lstrcmpA
lstrcmp
_hread
WriteFileEx
WriteConsoleW
WinExec
WaitForDebugEvent
TlsAlloc
SwitchToFiber
SetVolumeMountPointW
SetThreadIdealProcessor
SetTapePosition
SetSystemPowerState
SetPriorityClass
SetLocalTime
SetEnvironmentVariableA
SetCurrentDirectoryW
SetConsoleTitleW
SetConsoleMode
SetConsoleCtrlHandler
SetConsoleCP
SetComputerNameW
SetComputerNameExW
SetCommTimeouts
SetCommState
SetCalendarInfoA
RemoveDirectoryW
ReadConsoleInputW
PeekNamedPipe
PeekConsoleInputW
OpenThread
OpenSemaphoreW
MoveFileW
Module32Next
MapViewOfFile
LocalShrink
LoadLibraryExW
LoadLibraryExA
IsBadStringPtrA
InitializeCriticalSectionAndSpinCount
GlobalUnWire
GlobalDeleteAtom
GetTimeZoneInformation
GetModuleHandleA
GetThreadTimes
GetThreadContext
GetTapeParameters
GetStringTypeW
GetStdHandle
GetPrivateProfileIntA
GetModuleFileNameW
GetDiskFreeSpaceExW
GetCurrencyFormatW
GetCurrencyFormatA
GetConsoleScreenBufferInfo
GetConsoleFontSize
GetConsoleAliasExesA
GetComputerNameExA
GetCommandLineA
GetCommProperties
GetACP
GenerateConsoleCtrlEvent
FreeLibraryAndExitThread
FreeConsole
FoldStringW
FlushConsoleInputBuffer
FindVolumeClose
FindNextFileW
FindCloseChangeNotification
FindClose
FillConsoleOutputCharacterW
ExpandEnvironmentStringsW
EscapeCommFunction
EnumTimeFormatsW
EnumSystemLanguageGroupsW
EnumSystemLanguageGroupsA
EnumCalendarInfoExA
DeleteFileW
DeleteFiber
CreateThread
CreateJobObjectW
CreateIoCompletionPort
CreateEventW
CompareFileTime
CommConfigDialogW
CancelTimerQueueTimer
BuildCommDCBAndTimeoutsW
BindIoCompletionCallback
AllocateUserPhysicalPages
GetProcAddress
GetTempPathA

msvcrt

memset

user32

wvsprintfA
wsprintfW
keybd_event
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
TrackPopupMenu
ToAscii
TileChildWindows
SubtractRect
ShowOwnedPopups
SetWinEventHook
SendInput
SendIMEMessageExA
ReleaseCapture
RegisterClassA
RealGetWindowClassA
OpenIcon
OffsetRect
OemToCharW
MsgWaitForMultipleObjectsEx
MoveWindow
MonitorFromRect
MonitorFromPoint
ModifyMenuA
MessageBoxIndirectW
MessageBoxA
MapVirtualKeyExA
MapDialogRect
LookupIconIdFromDirectoryEx
LockWorkStation
LoadIconA
LoadCursorA
IsMenu
InSendMessageEx
ImpersonateDdeClientWindow
IMPGetIMEA
GetWindowTextLengthW
GetUserObjectInformationW
GetTabbedTextExtentA
GetSysColorBrush
GetPropW
GetMonitorInfoW
GetMessageW
GetMessageTime
GetMenuItemCount
GetMenuBarInfo
GetLastInputInfo
GetKeyboardLayout
GetKeyNameTextA
GetInputState
GetDlgItemTextA
GetDlgCtrlID
GetDesktopWindow
GetCursor
GetClipboardFormatNameA
GetClassInfoW
GetClassInfoExW
GetAltTabInfo
FlashWindow
FindWindowExW
FindWindowExA
FindWindowA
EnumWindows
EnumThreadWindows
EnumDesktopsA
EnableScrollBar
DrawTextW
DialogBoxIndirectParamW
DialogBoxIndirectParamA
DestroyAcceleratorTable
DdeQueryStringA
DdeInitializeA
DdeImpersonateClient
CreatePopupMenu
CreateMenu
CreateDialogIndirectParamW
CreateCaret
CopyIcon
CloseWindowStation
ClientToScreen
CheckMenuRadioItem
CharUpperBuffW
CharPrevExA
CharNextW
ChangeMenuW
ChangeMenuA
CascadeChildWindows
CallWindowProcA
CallNextHookEx
AppendMenuW
GetMessageA

gdi32

AddFontResourceTracking
ArcTo
BitBlt
CLIPOBJ_bEnum
CloseEnhMetaFile
CreateBitmap
CreateColorSpaceW
CreateDIBPatternBrushPt
CreateEllipticRgn
CreateFontIndirectW
CreateMetaFileA
CreatePenIndirect
CreatePolygonRgn
CreateRectRgnIndirect
CreateRoundRectRgn
DeleteColorSpace
DeleteDC
EngEraseSurface
EngLoadModule
EngLockSurface
EngQueryEMFInfo
EngStretchBlt
ExtCreateRegion
FONTOBJ_pvTrueTypeFontFile
FillRgn
FlattenPath
GdiCleanCacheDC
GdiConvertBitmapV5
GdiConvertFont
GdiDescribePixelFormat
GdiEntry10
GdiEntry4
GdiEntry5
GdiFixUpHandle
GdiGetLocalDC
GdiResetDCEMF
GdiSetAttrs
GdiSetLastError
GdiValidateHandle
GetBitmapBits
GetCharWidth32A
GetCharacterPlacementW
GetColorSpace
GetDCOrgEx
GetDIBColorTable
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileDescriptionA
GetEnhMetaFileDescriptionW
GetEnhMetaFilePaletteEntries
GetFontUnicodeRanges
GetGlyphIndicesA
GetKerningPairs
GetMetaRgn
GetNearestPaletteIndex
GetObjectA
GetOutlineTextMetricsW
GetPaletteEntries
GetPath
GetPixel
GetStringBitmapW
GetTextMetricsW
GetWindowOrgEx
GetWorldTransform
InvertRgn
ModifyWorldTransform
OffsetViewportOrgEx
PatBlt
Pie
PlgBlt
PolyBezierTo
PolyDraw
PolyPolyline
RemoveFontResourceExW
RemoveFontResourceW
ResetDCA
RestoreDC
RoundRect
STROBJ_vEnumStart
SaveDC
SetBkColor
SetDCBrushColor
SetLayoutWidth
SetMapMode
SetMetaRgn
SetPixelV
SetROP2
SetRectRgn
SetSystemPaletteUse
XFORMOBJ_iGetXform
XLATEOBJ_hGetColorTransform
bMakePathNameW
AddFontResourceA

advapi32

RegOpenKeyExW

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72131cbd13137b692b87ec16e067044d

Code Sign

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aaCertificate

Extended Key Usages

57:93:23:bc:01:2b:35:fb:4e:b3:68:0e:6e:13:e0:ba:e2:2f:38:b8Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

advapi32

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aa
Certificate

57:93:23:bc:01:2b:35:fb:4e:b3:68:0e:6e:13:e0:ba:e2:2f:38:b8
Signer

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB