370751a3ce2afdd411f2313c0f21ec3e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

370751a3ce2afdd411f2313c0f21ec3e_JaffaCakes118
Size

321KB
MD5

370751a3ce2afdd411f2313c0f21ec3e
SHA1

25d99b6e40c105c9c0ef611cd6734688928b0efa
SHA256

e0b22e6cf530525dac73ba90fb7d9a01106134f76603a54d7dbd283ab90baa56
SHA512

33f7c629e686ab9969dd3227d05f6fa5a911388c96344c77ad654fa61b928ad342a4e5d30224c033bfa368204c9b579daeef4e5c247673ea1defe738713edcd6
SSDEEP

6144:GwTTubg4DQC6ziRo0sYXkkDm5TsCQIaNEN4xxgBiixuqFsE6aoZK:zspF6K1dnUIIaNniBinq+naj

Score

1^/10

Malware Config

Signatures

Files

370751a3ce2afdd411f2313c0f21ec3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55904a9d93ef1744035f5cb61bd03e3a

Code Sign

51:64:c3:9c:dc:c6:fc:95:42:d7:cd:5c:bf:8d:64:ee
Certificate

Issuer

CN=23612

Not Before

03/02/2012, 15:38

Not After

31/12/2039, 23:59

Subject

CN=23612

Extended Key Usages

ExtKeyUsageCodeSigning

d7:7e:fa:31:9f:73:f2:3b:c3:aa:43:f1:5e:6a:a5:2f:67:d3:0b:e2
Signer

Actual PE Digest

d7:7e:fa:31:9f:73:f2:3b:c3:aa:43:f1:5e:6a:a5:2f:67:d3:0b:e2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetThreadLocale
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
VerSetConditionMask
ClearCommError
GetTimeFormatW
CompareStringA
LoadLibraryExA
UpdateResourceA
SetConsoleCursorInfo
GetSystemInfo
FlushConsoleInputBuffer
GetTempPathW
FindResourceExA
GlobalFindAtomW
GlobalAlloc
SystemTimeToFileTime
GetModuleHandleA
WaitForMultipleObjects
DeleteFileW
GetFileInformationByHandle
lstrcat
CreateProcessW
GetPrivateProfileSectionNamesA
GetConsoleAliasExesA
DosDateTimeToFileTime
PostQueuedCompletionStatus
ReadDirectoryChangesW
GetProcessVersion
SetProcessPriorityBoost
GetUserDefaultLCID
Module32NextW
EnumDateFormatsExW
SetProcessAffinityMask
UnregisterWait
lstrcmpA
SetComputerNameExW
GetDriveTypeA
EnumTimeFormatsA
GetTapeParameters
FindCloseChangeNotification
OpenJobObjectW
SetConsoleDisplayMode
EnumSystemLanguageGroupsA
CreateMailslotA
GetConsoleAliasA
GlobalFlags
GlobalAddAtomW
DeleteFiber
MapUserPhysicalPages
GetCurrencyFormatA
SetUnhandledExceptionFilter
EnumCalendarInfoExA
CreateHardLinkW
UnregisterWaitEx
GetSystemTimeAsFileTime
InterlockedExchangeAdd
MoveFileW
GetFileAttributesExA
CompareStringW
DeleteVolumeMountPointA
SetSystemTime
GetBinaryTypeA
ReadFile
GetProfileStringA
GetVolumePathNameW
IsProcessorFeaturePresent
VerifyVersionInfoW
GetSystemWindowsDirectoryW
FreeConsole
CancelTimerQueueTimer
FindFirstChangeNotificationA
LockResource
ProcessIdToSessionId
FileTimeToLocalFileTime
DefineDosDeviceA
EnumResourceLanguagesW
SetLocaleInfoW
GetConsoleWindow
GetConsoleCP
InitializeCriticalSection
GetSystemDefaultLangID
EnumResourceTypesA
FindFirstFileW
RtlFillMemory
OpenSemaphoreA
HeapValidate
UpdateResourceW
CreateRemoteThread
HeapAlloc
FreeUserPhysicalPages
GlobalFix

user32

LoadIconW
ChangeDisplaySettingsA
GetKeyState
DefWindowProcW
GetProcessDefaultLayout
CreateDialogParamA
DlgDirListW
WINNLSGetIMEHotkey
EnumDesktopsW
SendMessageA
EndTask
GetMenuStringW
GetWindowLongA
SetParent
DdeNameService
CharUpperBuffA
SetPropA
DlgDirSelectExA
UnregisterClassA
GetWindowTextLengthA
CharToOemBuffW
ScreenToClient
SetMenuItemBitmaps
GetCursorInfo
DdeUnaccessData
WINNLSGetEnableStatus
IsChild
OpenDesktopA
GetUpdateRect
GetLastActivePopup
VkKeyScanExW
CreateWindowExW
LoadBitmapW
IsClipboardFormatAvailable
OemKeyScan
SetWindowsHookExW
LookupIconIdFromDirectoryEx
DeleteMenu
SetCapture
InSendMessageEx
GetClipboardFormatNameA
VkKeyScanW
LoadMenuIndirectW
CascadeWindows
IsWindowUnicode
DialogBoxIndirectParamW
CreateAcceleratorTableW
DdeUninitialize
ToAscii
IsRectEmpty
GrayStringW
GetAltTabInfoA
SetWindowsHookW
LoadCursorA
ChildWindowFromPointEx
OpenWindowStationW
GetMenuStringA
IMPGetIMEA
EnumWindows
DrawStateW
ShowCursor
GetMenuItemInfoW
DestroyWindow
RegisterShellHookWindow
SetProcessDefaultLayout
DefDlgProcA
InvalidateRect
SendMessageCallbackA
RemoveMenu
PostThreadMessageW
SetWindowWord
SetSystemCursor
IsCharAlphaW
SetUserObjectInformationA
ShowOwnedPopups
GetCursor
EmptyClipboard
CharNextExA
GetClientRect
CharToOemBuffA
TrackPopupMenu
IntersectRect
ValidateRgn
DialogBoxParamW
GetTitleBarInfo
UnhookWindowsHookEx
SetWindowsHookA
GetClipboardData
CreateIconFromResource
GetMenuContextHelpId
SetDeskWallpaper
CharUpperBuffW
ActivateKeyboardLayout

advapi32

RegOpenKeyExW

ole32

CoDisableCallCancellation
CoEnableCallCancellation
OleFlushClipboard
HICON_UserFree
OleLoad
OleMetafilePictFromIconAndLabel
CreateObjrefMoniker
CLIPFORMAT_UserMarshal
OleRegGetUserType
CoGetStdMarshalEx
UtConvertDvtd32toDvtd16
CoReactivateObject
CoGetClassObject
STGMEDIUM_UserSize
HBRUSH_UserMarshal
CoUnloadingWOW
StgGetIFillLockBytesOnILockBytes
CoDeactivateObject
SetDocumentBitStg
OleDraw
CoGetObjectContext
HBITMAP_UserSize
CoAddRefServerProcess
OleCreateLinkEx
CoTreatAsClass
WriteClassStm
DllDebugObjectRPCHook
HWND_UserFree
CreateOleAdviseHolder
WriteOleStg
CoTaskMemAlloc
ReadClassStm
OleConvertIStorageToOLESTREAMEx
SNB_UserSize
StgConvertPropertyToVariant
OleLoadFromStream
ReadClassStg
StgIsStorageILockBytes
CoQueryAuthenticationServices
CoGetCancelObject
StgCreateDocfile
OleBuildVersion
OleCreate
CoMarshalInterface
HDC_UserFree
HPALETTE_UserMarshal
OleGetIconOfFile
CoUninitialize
OleCreateFromFile
WriteClassStg
CoLockObjectExternal
GetHookInterface
WdtpInterfacePointer_UserSize
CoRegisterMallocSpy
CoGetTreatAsClass
PropStgNameToFmtId
HBRUSH_UserUnmarshal
StringFromCLSID
WriteFmtUserTypeStg
HACCEL_UserMarshal
STGMEDIUM_UserFree
GetHGlobalFromStream
HENHMETAFILE_UserUnmarshal
CoRevokeMallocSpy
StgCreatePropSetStg
CoCreateObjectInContext
OleSetClipboard
HBITMAP_UserUnmarshal
HACCEL_UserUnmarshal
OleCreateLinkFromData
UtGetDvtd32Info
CoSetProxyBlanket
CoSwitchCallContext
GetDocumentBitStg
CoRegisterSurrogate
CoGetObject
OleGetIconOfClass
OleUninitialize
CoCancelCall
HDC_UserMarshal
OleRegEnumVerbs

Sections

.text
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55904a9d93ef1744035f5cb61bd03e3a

Code Sign

51:64:c3:9c:dc:c6:fc:95:42:d7:cd:5c:bf:8d:64:eeCertificate

Extended Key Usages

d7:7e:fa:31:9f:73:f2:3b:c3:aa:43:f1:5e:6a:a5:2f:67:d3:0b:e2Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 304KB - Virtual size: 304KB

.text2 Size: 1KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

51:64:c3:9c:dc:c6:fc:95:42:d7:cd:5c:bf:8d:64:ee
Certificate

d7:7e:fa:31:9f:73:f2:3b:c3:aa:43:f1:5e:6a:a5:2f:67:d3:0b:e2
Signer

.text
Size: 304KB - Virtual size: 304KB

.text2
Size: 1KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB