3a54aadb1f24cc16632f1cf0d35feb3f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3a54aadb1f24cc16632f1cf0d35feb3f_JaffaCakes118
Size

254KB
MD5

3a54aadb1f24cc16632f1cf0d35feb3f
SHA1

f72242f1a96127ac277a708fe87015f090cd88bd
SHA256

512b04aa1c75e4d4d4de5aeb0c4a483ba2dfd6845f431100c83ffbce45613f3e
SHA512

35e93270bb6eb2868aa083d60779a10ee2b1ac134366d8e698f5aee7dbf5a5e44502fe3de414469a2c4c75b84e6e02f800145b0f67eb97db7367e480b4c923b9
SSDEEP

3072:DqHLn7oFbe7z0zR/sHoEg8El7Ut3SJ9DLa84CFd73yOjIyZrG0og3XTo3VvApN85:C7z0SHFfU7YCLl4Cb7prC0oVVvWipz

Score

1^/10

Malware Config

Signatures

Files

3a54aadb1f24cc16632f1cf0d35feb3f_JaffaCakes118
.dll windows:5 windows x86 arch:x86

389caf19ef27c742a17afc153f8c7987

Code Sign

65:1b:0f:94:a8:5e:49:66:b9:9d:fc:31:d2:a7:b3:69
Certificate

Issuer

CN=XodY8DToD5jhRuz1QZypcBH5c

Not Before

17-04-2012 06:32

Not After

31-12-2039 23:59

Subject

CN=XodY8DToD5jhRuz1QZypcBH5c

Extended Key Usages

ExtKeyUsageCodeSigning

d6:cb:7d:56:10:93:ec:6d:59:42:e6:36:9e:15:bd:32:0a:fe:a1:1d
Signer

Actual PE Digest

d6:cb:7d:56:10:93:ec:6d:59:42:e6:36:9e:15:bd:32:0a:fe:a1:1d

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetWindowsDirectoryA
VirtualAllocEx
AddAtomA
AddConsoleAliasA
AddConsoleAliasW
AllocateUserPhysicalPages
AreFileApisANSI
AssignProcessToJobObject
BackupRead
BeginUpdateResourceA
BindIoCompletionCallback
BuildCommDCBAndTimeoutsA
CallNamedPipeA
CallNamedPipeW
CancelWaitableTimer
ChangeTimerQueueTimer
ClearCommBreak
CloseHandle
CommConfigDialogW
CompareFileTime
CompareStringA
ConnectNamedPipe
ContinueDebugEvent
CopyFileW
CreateEventW
CreateFileMappingA
CreateHardLinkA
CreateJobObjectW
CreateNamedPipeW
CreatePipe
CreateRemoteThread
CreateSemaphoreA
CreateToolhelp32Snapshot
CreateWaitableTimerW
DebugBreak
DeleteCriticalSection
DeleteFiber
DeleteFileW
DeleteTimerQueue
DeleteVolumeMountPointA
DeleteVolumeMountPointW
DnsHostnameToComputerNameA
EndUpdateResourceA
EnumDateFormatsA
EnumDateFormatsW
EnumSystemCodePagesW
EnumSystemLocalesA
EraseTape
ExitProcess
FatalAppExitA
FatalAppExitW
FileTimeToDosDateTime
FileTimeToLocalFileTime
FillConsoleOutputCharacterA
FillConsoleOutputCharacterW
FindCloseChangeNotification
FindFirstFileW
FindFirstVolumeMountPointW
FindFirstVolumeW
FindNextChangeNotification
FindNextVolumeA
FindNextVolumeW
FindResourceA
FindResourceExW
FoldStringA
FreeConsole
FreeEnvironmentStringsW
FreeResource
GetBinaryTypeW
GetCPInfoExW
GetCalendarInfoA
GetCalendarInfoW
GetCommState
GetCommTimeouts
GetComputerNameExA
GetConsoleAliasExesLengthA
GetConsoleAliasExesLengthW
GetConsoleAliasExesW
GetConsoleAliasesA
GetConsoleAliasesLengthA
GetConsoleCP
GetConsoleCursorInfo
GetConsoleTitleW
GetConsoleWindow
GetCurrencyFormatA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDefaultCommConfigA
GetDevicePowerState
GetEnvironmentStringsW
GetFileAttributesExA
GetFileAttributesExW
GetFileInformationByHandle
GetFileType
GetLastError
GetLocaleInfoA
GetMailslotInfo
GetModuleHandleA
GetModuleHandleW
GetNamedPipeHandleStateW
GetNumberFormatA
GetNumberFormatW
GetPrivateProfileIntW
GetPrivateProfileSectionNamesA
GetProcessAffinityMask
GetProcessPriorityBoost
GetProcessShutdownParameters
GetProfileSectionW
GetShortPathNameW
GetStartupInfoA
GetStringTypeW
GetSystemDefaultLCID
GetSystemDefaultLangID
GetSystemInfo
GetSystemPowerStatus
GetSystemWindowsDirectoryW
GetTapePosition
GetTapeStatus
GetTempFileNameW
GetTempPathA
GetThreadLocale
GetThreadPriorityBoost
GetThreadSelectorEntry
lstrcatA
GetUserDefaultLangID
GetVersion
GetVersionExA
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAddAtomA
GlobalAddAtomW
GlobalCompact
GlobalDeleteAtom
GlobalFlags
GlobalHandle
GlobalLock
GlobalUnlock
GlobalWire
HeapDestroy
HeapReAlloc
InitAtomTable
InitializeCriticalSectionAndSpinCount
IsBadCodePtr
IsDebuggerPresent
IsProcessorFeaturePresent
IsSystemResumeAutomatic
IsValidLanguageGroup
IsValidLocale
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LocalLock
LocalReAlloc
LocalSize
LockFile
Module32FirstW
MoveFileA
MoveFileW
OpenFile
OpenFileMappingA
OpenJobObjectW
OpenMutexW
OpenSemaphoreW
OpenThread
PeekConsoleInputA
PostQueuedCompletionStatus
PrepareTape
ProcessIdToSessionId
PurgeComm
QueryPerformanceCounter
ReadConsoleOutputCharacterA
ReadFile
ReleaseSemaphore
ReplaceFile
ResetEvent
RtlFillMemory
RtlZeroMemory
SetCalendarInfoW
SetCommMask
SetComputerNameW
SetConsoleCP
SetConsoleCursorPosition
SetConsoleDisplayMode
SetConsoleMode
SetConsoleScreenBufferSize
SetCriticalSectionSpinCount
SetDefaultCommConfigA
SetDefaultCommConfigW
SetEndOfFile
SetEnvironmentVariableW
SetFileApisToANSI
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleInformation
SetInformationJobObject
SetLocaleInfoW
SetMailslotInfo
SetPriorityClass
SetProcessAffinityMask
SetStdHandle
SetSystemTimeAdjustment
SetTapeParameters
SetThreadExecutionState
SetThreadLocale
SetThreadPriorityBoost
SetTimerQueueTimer
SignalObjectAndWait
SuspendThread
SwitchToFiber
SystemTimeToFileTime
TerminateProcess
TerminateThread
Thread32Next
TryEnterCriticalSection
UpdateResourceA
VerLanguageNameW
VerSetConditionMask
VerifyVersionInfoW
VirtualFreeEx
VirtualProtectEx
VirtualQuery
VirtualUnlock
WaitCommEvent
WaitForDebugEvent
WaitForMultipleObjects
WaitNamedPipeA
WaitNamedPipeW
WideCharToMultiByte
WriteConsoleOutputA
WriteConsoleOutputAttribute
WriteFileEx
WriteFileGather
WritePrivateProfileSectionA
WritePrivateProfileStructW
WriteProcessMemory
WriteProfileSectionW
WriteProfileStringA
WriteProfileStringW
WriteTapemark
_hread
_lcreat
_lopen
_lwrite
lstrcmp
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpy
lstrcpyn
GetThreadTimes
CreateFileA
UnhandledExceptionFilter
RtlUnwind
SetUnhandledExceptionFilter

advapi32

RegOpenKeyExW

oleaut32

ClearCustData
CreateDispTypeInfo
CreateTypeLib2
DosDateTimeToVariantTime
GetErrorInfo
GetRecordInfoFromGuids
GetRecordInfoFromTypeInfo
LHashValOfNameSys
LHashValOfNameSysA
LPSAFEARRAY_Size
LPSAFEARRAY_Unmarshal
LPSAFEARRAY_UserFree
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserSize
LoadRegTypeLi
LoadTypeLi
LoadTypeLibEx
OACreateTypeLib2
OaBuildVersion
OleCreatePictureIndirect
OleCreatePropertyFrame
OleIconToCursor
OleLoadPicture
OleLoadPictureEx
OleLoadPictureFile
OleTranslateColor
RegisterActiveObject
RegisterTypeLi
RevokeActiveObject
SafeArrayAllocDescriptor
SafeArrayAllocDescriptorEx
SafeArrayCopy
SafeArrayCreate
SafeArrayCreateVector
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayGetElemsize
SafeArrayGetVartype
SafeArrayLock
SafeArrayRedim
SafeArraySetIID
SafeArraySetRecordInfo
SafeArrayUnaccessData
SafeArrayUnlock
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysReAllocString
SysStringByteLen
SystemTimeToVariantTime
VARIANT_UserMarshal
VARIANT_UserSize
VarAbs
VarAdd
VarBoolFromDate
VarBoolFromDisp
VarBoolFromI1
VarBoolFromI2
VarBoolFromR8
VarBstrCmp
VarBstrFromDate
VarBstrFromI1
VarBstrFromI2
VarBstrFromR8
VarBstrFromUI4
VarCat
VarCmp
VarCyAbs
VarCyAdd
VarCyCmp
VarCyFix
VarCyFromDate
VarCyFromDisp
VarCyFromI1
VarCyFromR8
VarCyFromStr
VarCyFromUI1
VarCyFromUI2
VarCyFromUI4
VarCyMulI4
VarCyNeg
VarDateFromCy
VarDateFromDec
VarDateFromDisp
VarDateFromI1
VarDateFromI4
VarDateFromR4
VarDateFromR8
VarDateFromStr
VarDateFromUdate
VarDateFromUdateEx
VarDecAdd
VarDecCmp
VarDecDiv
VarDecFix
VarDecFromDate
VarDecFromI2
VarDecFromI4
VarDecFromR4
VarDecFromR8
VarDecFromUI1
VarDecInt
VarDecRound
VarDecSu
VarDiv
VarFormat
VarFormatFromTokens
VarI1FromBool
VarI1FromCy
VarI1FromDec
VarI1FromDisp
VarI1FromI2
VarI1FromI4
VarI1FromR8
VarI1FromUI2
VarI2FromCy
VarI2FromDec
VarI2FromDisp
VarI2FromI1
VarI2FromI4
VarI2FromR4
VarI2FromR8
VarI2FromStr
VarI2FromUI4
VarI4FromDate
VarI4FromDec
VarI4FromDisp
VarI4FromI1
VarI4FromR8
VarI4FromStr
VarI4FromUI1
VarI4FromUI2
VarI4FromUI4
VarMod
VarMonthName
VarNot
VarNumFromParseNum
VarOr
VarParseNumFromStr
VarPow
VarR4CmpR8
VarR4FromBool
VarR4FromCy
VarR4FromDate
VarR4FromDisp
VarR4FromI1
VarR4FromI2
VarR4FromI4
VarR8FromBool
VarR8FromDec
VarR8FromI1
VarR8FromI2
VarR8FromR4
VarR8FromStr
VarR8FromUI1
VarR8FromUI2
VarR8FromUI4
VarR8Round
VarRound
VarUI1FromBool
VarUI1FromCy
VarUI1FromDate
VarUI1FromDec
VarUI1FromI1
VarUI1FromI4
VarUI1FromR4
VarUI1FromStr
VarUI1FromUI4
VarUI2FromBool
VarUI2FromCy
VarUI2FromDate
VarUI2FromDec
VarUI2FromDisp
VarUI2FromI1
VarUI2FromI2
VarUI2FromI4
VarUI2FromR4
VarUI2FromR8
VarUI2FromStr
VarUI4FromCy
VarUI4FromDate
VarUI4FromDisp
VarUI4FromI1
VarUI4FromI2
VarUI4FromR4
VarUI4FromStr
VarUI4FromUI1
VarUI4FromUI2
VarUdateFromDate
VarWeekdayName
VarXor
VariantChangeType
VariantCopy
VariantTimeToDosDateTime
VariantTimeToSystemTime
VectorFromBstr
BSTR_UserMarshal
BSTR_UserFree
BSTR_UserSize

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

389caf19ef27c742a17afc153f8c7987

Code Sign

65:1b:0f:94:a8:5e:49:66:b9:9d:fc:31:d2:a7:b3:69Certificate

Extended Key Usages

d6:cb:7d:56:10:93:ec:6d:59:42:e6:36:9e:15:bd:32:0a:fe:a1:1dSigner

Headers

File Characteristics

Imports

kernel32

advapi32

oleaut32

Sections

.text Size: 4KB - Virtual size: 4KB

.text3 Size: 1024B - Virtual size: 1000B

.text4 Size: 1024B - Virtual size: 1000B

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 1KB

.text2 Size: 233KB - Virtual size: 232KB

.reloc Size: 3KB - Virtual size: 2KB

65:1b:0f:94:a8:5e:49:66:b9:9d:fc:31:d2:a7:b3:69
Certificate

d6:cb:7d:56:10:93:ec:6d:59:42:e6:36:9e:15:bd:32:0a:fe:a1:1d
Signer

.text
Size: 4KB - Virtual size: 4KB

.text3
Size: 1024B - Virtual size: 1000B

.text4
Size: 1024B - Virtual size: 1000B

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 1KB

.text2
Size: 233KB - Virtual size: 232KB

.reloc
Size: 3KB - Virtual size: 2KB