3a6a14d085ad33a880acd1195bbc9c51_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3a6a14d085ad33a880acd1195bbc9c51_JaffaCakes118
Size

308KB
MD5

3a6a14d085ad33a880acd1195bbc9c51
SHA1

6b7b3c9b63e57c01fe36e10b9a8de71732d518ab
SHA256

3683a1f9495b5aaa08641c3a1d6dad11c8478ee0af318deed7bdb94213344408
SHA512

7f4bba1749f17b5a76b689b13e5f674c3500dfdb6c6e2e002d3497bfa1a03b7e5ac515edfd28b72fc0a7c3acacab995220979ae1b014ff1d982503593bd25e2f
SSDEEP

6144:C4Ouatq9nLtnGR9XACo5TdW+UKaG4JFW/gRVzgUEjRDrviICUr:C4O9t6ZnGLX/yZaKP4J02FartJr

Score

1^/10

Malware Config

Signatures

Files

3a6a14d085ad33a880acd1195bbc9c51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bfb4b9b854827ea603429ed8fcf0305c

Code Sign

73:17:67:48:fd:ee:5c:4d:bc:8a:27:87:b8:6e:5f:a1
Certificate

Issuer

CN=drVoA01yoqkQ

Not Before

14/03/2012, 05:55

Not After

31/12/2039, 23:59

Subject

CN=drVoA01yoqkQ

Extended Key Usages

ExtKeyUsageCodeSigning

14:1f:de:07:04:82:96:9e:f8:60:0e:43:b9:91:04:96:6c:e6:58:a1
Signer

Actual PE Digest

14:1f:de:07:04:82:96:9e:f8:60:0e:43:b9:91:04:96:6c:e6:58:a1

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
GetLogicalDriveStringsA
LoadLibraryA
GetProcAddress
lstrcpyW
LoadLibraryW
ScrollConsoleScreenBufferW
GetConsoleAliasExesW
DisconnectNamedPipe
HeapAlloc
SwitchToThread
MoveFileWithProgressW
GetACP
PulseEvent
RtlFillMemory
ProcessIdToSessionId
Module32Next
Module32FirstW
SetupComm
GetNumberFormatW
FlushConsoleInputBuffer
InitializeCriticalSectionAndSpinCount
OpenEventA
SetConsoleTextAttribute
TransmitCommChar
SetEndOfFile
SetProcessShutdownParameters
QueryPerformanceCounter
lstrlenW
GetConsoleAliasExesA
GetPrivateProfileSectionW
RtlUnwind
EnumCalendarInfoA
VerifyVersionInfoW
UnlockFile
DisableThreadLibraryCalls
GetCommState
GetFileTime
IsValidCodePage
OpenEventW
CreateConsoleScreenBuffer
DeleteVolumeMountPointW
GetSystemDirectoryW
EnumResourceTypesA
GlobalAlloc
TransactNamedPipe
GlobalUnfix
IsBadStringPtrA
CreateRemoteThread
DeleteFiber
GetVolumePathNameW
CopyFileW
GetNumberFormatA
GetProcessAffinityMask
EnumSystemLocalesW
LocalFileTimeToFileTime
VirtualUnlock
GetSystemTimeAdjustment
SetThreadAffinityMask
_hwrite
GetVolumeInformationA
TlsFree
FreeLibrary
GetFileSize
SetLocaleInfoW
lstrcmpiA
ReadConsoleOutputAttribute
SignalObjectAndWait
TlsAlloc
PeekNamedPipe
GetPrivateProfileStructA
CreateWaitableTimerW
SetProcessPriorityBoost
GetCurrencyFormatW
GetMailslotInfo
GlobalGetAtomNameA
GlobalUnWire
GetComputerNameW
SetThreadExecutionState
AddConsoleAliasA
GetVolumeNameForVolumeMountPointW
lstrcpynW
LocalCompact
FindNextChangeNotification
GetCPInfoExA
GetProcessShutdownParameters
WriteConsoleOutputW
SetHandleCount
MoveFileWithProgressA
GetConsoleTitleA
SetCurrentDirectoryA
GetDiskFreeSpaceExA
DebugActiveProcess
BeginUpdateResourceA
LoadModule
GetThreadLocale

user32

GetInputState
GetClipboardFormatNameW
ReleaseCapture
LoadStringW
OpenDesktopA
DdeInitializeW
TileChildWindows
IsWindow
DdeCmpStringHandles
UpdateLayeredWindow
ActivateKeyboardLayout
MoveWindow
AttachThreadInput
SwapMouseButton
ValidateRgn
BeginPaint
EnumPropsA
GetClassInfoW
DrawFrameControl
GetTabbedTextExtentW
DdeKeepStringHandle
MsgWaitForMultipleObjectsEx
MessageBeep
DefWindowProcA
GetPriorityClipboardFormat
SendIMEMessageExW
SetMenuContextHelpId
DdeQueryNextServer
SetActiveWindow
ArrangeIconicWindows
IsRectEmpty
EnumDisplaySettingsA
PostMessageA
MapVirtualKeyExA
IsClipboardFormatAvailable
SetMenuItemBitmaps
InsertMenuA
ReplyMessage
DrawAnimatedRects
GetClipCursor
GetMenuItemInfoA
CharUpperA
HideCaret
SetWindowWord
EnumDisplayDevicesA
SetWindowsHookExA
InvertRect
SetLayeredWindowAttributes
ExcludeUpdateRgn
CreateIcon
GetMenuItemID
DefMDIChildProcW
GetSubMenu
DrawTextExW
GetWindowLongA
LookupIconIdFromDirectory
CharLowerBuffA
GetCaretPos
SetPropA
CreateCaret
CreateDesktopA
SetShellWindow
AppendMenuA
CreateMenu
DlgDirSelectExW
GetMenuItemRect
BroadcastSystemMessageA
SetDebugErrorLevel
CharUpperW
EnumDisplaySettingsExW
FindWindowA
GetUserObjectInformationW
DlgDirListComboBoxW
MessageBoxA
RegisterDeviceNotificationA
TranslateMDISysAccel
RegisterWindowMessageW
LoadMenuIndirectA
ToAsciiEx
CharPrevA
DestroyWindow
ToAscii
SetDlgItemInt
ShowOwnedPopups
GetKBCodePage
SystemParametersInfoW
SetWindowContextHelpId
GetCaretBlinkTime
CharLowerW

gdi32

GdiDeleteSpoolFileHandle
SetRectRgn
GdiSetAttrs
GetPath
STROBJ_dwGetCodePage
CreateHatchBrush
GdiConvertFont
SetTextColor
CreateRectRgn
OffsetClipRgn
PATHOBJ_vGetBounds
EngTextOut
GetCharABCWidthsI
SetTextAlign
EnumMetaFile
GdiConvertBrush
GetCharWidthI
CopyEnhMetaFileW
CloseEnhMetaFile
GdiPlayDCScript
EngGetCurrentCodePage
GdiGetSpoolMessage
GdiPlayEMF
EnableEUDC
SetPixel
StretchBlt
GetDIBits
GdiConsoleTextOut
GdiInitializeLanguagePack
GetROP2
FONTOBJ_pfdg
GetGlyphOutlineWow
BitBlt
BRUSHOBJ_pvAllocRbrush
AddFontResourceA
CreateBrushIndirect
MaskBlt
CloseMetaFile
EnumFontsA
GetCharWidthW
RectInRegion
GetBitmapBits
GdiConvertBitmap
CloseFigure
GetColorAdjustment
GetTextAlign
CreateDiscardableBitmap
EnumEnhMetaFile
SetMapperFlags
CreatePen
GetWindowOrgEx
GetCharABCWidthsFloatA
SetGraphicsMode
GetTextFaceW
EnumFontFamiliesW
GdiQueryFonts
StrokePath
GdiGetLocalBrush
BeginPath
CreateBitmap
SetMagicColors
SetAbortProc
FloodFill
EngLineTo
GdiValidateHandle
GdiCreateLocalMetaFilePict
LineTo
CreateColorSpaceA
SetWinMetaFileBits
GetCharacterPlacementA
ColorCorrectPalette
GetCurrentObject
GetMiterLimit
Chord
GdiAlphaBlend
GetGlyphOutlineW
GetEnhMetaFileDescriptionW
GetCharWidthA
EngDeleteClip
GetGraphicsMode
GetAspectRatioFilterEx
STROBJ_bGetAdvanceWidths
GdiConvertMetaFilePict
Polygon
AddFontResourceTracking
GetRgnBox
LineDDA
CreateHalftonePalette
PATHOBJ_vEnumStartClipLines
EngMultiByteToUnicodeN
PaintRgn
FillPath
GetTextExtentPoint32W
GetBkMode
GetDCBrushColor
NamedEscape

Sections

.text
Size: 290KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bfb4b9b854827ea603429ed8fcf0305c

Code Sign

73:17:67:48:fd:ee:5c:4d:bc:8a:27:87:b8:6e:5f:a1Certificate

Extended Key Usages

14:1f:de:07:04:82:96:9e:f8:60:0e:43:b9:91:04:96:6c:e6:58:a1Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 290KB - Virtual size: 289KB

.text3 Size: 1024B - Virtual size: 1000B

.text4 Size: 1024B - Virtual size: 1000B

.text2 Size: 1KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

73:17:67:48:fd:ee:5c:4d:bc:8a:27:87:b8:6e:5f:a1
Certificate

14:1f:de:07:04:82:96:9e:f8:60:0e:43:b9:91:04:96:6c:e6:58:a1
Signer

.text
Size: 290KB - Virtual size: 289KB

.text3
Size: 1024B - Virtual size: 1000B

.text4
Size: 1024B - Virtual size: 1000B

.text2
Size: 1KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB