37d59969d1ca85beb9157b113da528a5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

37d59969d1ca85beb9157b113da528a5_JaffaCakes118
Size

75KB
MD5

37d59969d1ca85beb9157b113da528a5
SHA1

564328dac6087dde7fbcc2633256b205885377af
SHA256

5cead2fe65867c774b3a2fdebb1e7f45a359a5f27f8924a7cc4fec7787d07695
SHA512

f1e7b28e76f89f5d1b5c6a72898588fbef0f57a7f3bc57b12699b6e73f6c23fe88ea7e522e6990cda16dc46bc5668bf82df99a1f1180728a4e6292117743cd1b
SSDEEP

1536:zaAnbXVjOb+9URGk5twuMAgC5Z3nVuqE5yuAa5hhde80:zaAnbXVjObSMiby5buNwjaLe8

Score

1^/10

Malware Config

Signatures

Files

37d59969d1ca85beb9157b113da528a5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8946be53441b3ea767587ba1182f91a9

Code Sign

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3b
Certificate

Issuer

CN=NCrG992VieeQ

Not Before

14-03-2012 06:19

Not After

31-12-2039 23:59

Subject

CN=NCrG992VieeQ

Extended Key Usages

ExtKeyUsageCodeSigning

41:2f:64:6e:04:1f:1d:3d:2f:c6:24:af:55:21:36:5b:9c:99:4b:0f
Signer

Actual PE Digest

41:2f:64:6e:04:1f:1d:3d:2f:c6:24:af:55:21:36:5b:9c:99:4b:0f

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
InterlockedCompareExchange
lstrcpyA
lstrlenA
GetWindowsDirectoryA
GetProcAddress
CreateFileA
VirtualAlloc
BeginUpdateResourceA
BuildCommDCBAndTimeoutsA
CancelIo
CreateHardLinkW
CreateJobObjectW
CreateTapePartition
DefineDosDeviceA
DefineDosDeviceW
EnterCriticalSection
EnumDateFormatsExW
EnumResourceLanguagesA
EnumResourceTypesW
EnumSystemLanguageGroupsA
EnumTimeFormatsW
EnumUILanguagesA
FileTimeToSystemTime
FindAtomA
FindClose
FlushInstructionCache
FoldStringA
GetBinaryType
GetCPInfo
GetCPInfoExA
GetCommModemStatus
GetConsoleAliasesA
GetConsoleAliasesLengthA
GetConsoleAliasesW
GetConsoleMode
GetCurrentDirectoryA
GetCurrentDirectoryW
GetDefaultCommConfigW
GetDriveTypeA
GetFileSizeEx
GetLocalTime
GetLocaleInfoA
GetLogicalDriveStringsA
GetModuleFileNameA
GetProcessAffinityMask
GetShortPathNameA
GetShortPathNameW
GetStdHandle
GetStringTypeA
GetStringTypeExA
GetStringTypeExW
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryA
GetTapeStatus
GetTempPathA
GetTempPathW
GetThreadPriorityBoost
GetThreadSelectorEntry
GetTimeZoneInformation
GetUserDefaultLangID
GetVersionExW
GetVolumePathNameW
GlobalMemoryStatusEx
GlobalReAlloc
Heap32Next
HeapCompact
HeapFree
HeapLock
HeapUnlock
InterlockedIncrement
IsBadStringPtrW
IsDBCSLeadByteEx
IsValidLanguageGroup
IsValidLocale
LoadLibraryExW
LoadLibraryW
LoadModule
LocalFileTimeToFileTime
LocalHandle
LocalShrink
MoveFileA
OpenSemaphoreW
OpenWaitableTimerA
ReleaseMutex
ReplaceFileW
SetComputerNameA
SetComputerNameExA
SetComputerNameExW
SetComputerNameW
SetEnvironmentVariableW
SetLastError
SetThreadPriority
Thread32Next
VerLanguageNameA
VerLanguageNameW
VerifyVersionInfoW
VirtualProtect
WaitForMultipleObjects
WriteConsoleOutputW
WritePrivateProfileStringA
WritePrivateProfileStructW
lstrcatA
lstrcmpiW

user32

OpenClipboard
OpenIcon
RemovePropW
ScreenToClient
ScrollWindowEx
SendIMEMessageExA
SendMessageW
SetActiveWindow
SetCaretPos
SetClipboardViewer
SetDebugErrorLevel
SetDlgItemTextW
SetWindowLongW
SetWindowsHookExA
ShowCaret
SwitchDesktop
SystemParametersInfoA
ToAscii
TrackPopupMenuEx
UnloadKeyboardLayout
UnregisterClassA
VkKeyScanExA
WindowFromPoint
wsprintfA
wvsprintfA
OemToCharBuffA
OemKeyScan
MessageBoxW
MessageBoxExW
MapWindowPoints
MapVirtualKeyA
LoadIconW
LoadBitmapA
IsZoomed
IsWindowUnicode
IsWindow
IsDialogMessage
IMPGetIMEW
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetWindowDC
GetWindowContextHelpId
GetThreadDesktop
GetPriorityClipboardFormat
GetMouseMovePointsEx
GetMessagePos
GetMenuStringA
GetMenuInfo
GetMenuDefaultItem
GetLastInputInfo
GetKeyboardLayoutNameW
GetKeyboardLayout
GetKeyState
GetDlgItemTextW
GetClipCursor
GetClassNameW
GetClassInfoExA
GetAncestor
EnumDisplaySettingsA
EnumDisplayDevicesW
EnumDisplayDevicesA
EnumDesktopsW
EnableWindow
EmptyClipboard
DrawTextW
DrawTextExW
DrawStateA
DragObject
DlgDirSelectComboBoxExW
DialogBoxIndirectParamW
DefWindowProcW
DefFrameProcW
DdePostAdvise
DdeImpersonateClient
DdeEnableCallback
DdeConnectList
DdeAccessData
CreateIconIndirect
CreateDialogParamA
CreateDesktopW
CreateCursor
CountClipboardFormats
CopyRect
CopyAcceleratorTableA
CheckRadioButton
CharUpperBuffA
ChangeMenuW
ChangeDisplaySettingsA
CascadeWindows
EndPaint

shell32

SHBrowseForFolderA
Shell_NotifyIconW
Shell_NotifyIcon
ShellExecuteW
ShellAboutA
SHQueryRecycleBinA
SHPathPrepareForWriteW
SHInvokePrinterCommandW
SHInvokePrinterCommandA
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetSettings
CheckEscapesW
CommandLineToArgvW
DoEnvironmentSubstA
DragAcceptFiles
DragFinish
DragQueryFile
DragQueryFileA
DragQueryPoint
DuplicateIcon
ExtractAssociatedIconA
ExtractAssociatedIconExA
ExtractIconExA
ExtractIconExW
FindExecutableA
SHGetPathFromIDListW
FindExecutableW
SHAddToRecentDocs
SHAppBarMessage
SHBindToParent
SHBrowseForFolder
WOWShellExecute
SHBrowseForFolderW
SHChangeNotify
SHCreateDirectoryExA
SHCreateDirectoryExW
SHEmptyRecycleBinW
SHFileOperation
SHFreeNameMappings
SHGetDataFromIDListW
SHGetDesktopFolder
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFileInfoW
SHGetFolderPathA
SHGetFolderPathW
SHGetIconOverlayIndexA
SHGetIconOverlayIndexW
SHGetInstanceExplorer
SHGetMalloc
SHGetPathFromIDList
SHGetPathFromIDListA

shlwapi

StrChrIA
StrChrIW
StrCmpNIA
StrCmpNIW
StrCmpNW
StrRChrA
StrRChrIW
StrRChrW
StrRStrIA
StrRStrIW
StrStrIA
StrStrIW

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8946be53441b3ea767587ba1182f91a9

Code Sign

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3bCertificate

Extended Key Usages

41:2f:64:6e:04:1f:1d:3d:2f:c6:24:af:55:21:36:5b:9c:99:4b:0fSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

Sections

.text Size: 12KB - Virtual size: 11KB

.text1 Size: 55KB - Virtual size: 55KB

.data Size: 1024B - Virtual size: 944B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3b
Certificate

41:2f:64:6e:04:1f:1d:3d:2f:c6:24:af:55:21:36:5b:9c:99:4b:0f
Signer

.text
Size: 12KB - Virtual size: 11KB

.text1
Size: 55KB - Virtual size: 55KB

.data
Size: 1024B - Virtual size: 944B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB