3b965999e8d6cf29b4057785a0b46d29_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3b965999e8d6cf29b4057785a0b46d29_JaffaCakes118
Size

277KB
MD5

3b965999e8d6cf29b4057785a0b46d29
SHA1

d2a7fe43f3cf221cacf40466c4c42faee1023669
SHA256

cb58b14b311e947c89fe377984e15a7db2ff1cad012503974aab2640ac74f78a
SHA512

4141e786ff36d4c816198ab9dad71af57b5c6971282cb520b741c4bd69c7f14fde2eb0677ad361d8bb8d3f7b0d2a0f046d5b8eb9cce755f0542a508e152c5fa1
SSDEEP

6144:E4bSG6rzysDrwsSSY+krD77q3UwQi7AQCAEzozt:EoFTkrwsSSYxn77OUZi7RCToz

Score

1^/10

Malware Config

Signatures

Files

3b965999e8d6cf29b4057785a0b46d29_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ef916ac15c55cbd600f3413a6974ca2

Code Sign

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6a
Certificate

Issuer

CN=SDOkUGUnMWwv

Not Before

15/03/2012, 10:39

Not After

31/12/2039, 23:59

Subject

CN=SDOkUGUnMWwv

Extended Key Usages

ExtKeyUsageCodeSigning

17:2f:7e:3d:86:cb:aa:c4:f8:a7:a3:a6:0b:79:b4:a2:47:95:9a:af
Signer

Actual PE Digest

17:2f:7e:3d:86:cb:aa:c4:f8:a7:a3:a6:0b:79:b4:a2:47:95:9a:af

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
LoadLibraryW
CreateFileA
GetWindowsDirectoryA
lstrlenA
lstrcpyA
DnsHostnameToComputerNameA
CreateDirectoryA
HeapCompact
EnumUILanguagesA
ReadConsoleInputA
GetLocalTime
SetConsoleTitleA
FindFirstFileExW
SetFilePointerEx
GetStringTypeA
GetSystemTimeAdjustment
GetCompressedFileSizeW
GlobalGetAtomNameW
GetConsoleAliasExesLengthA
ExpandEnvironmentStringsA
GetProcessVersion
DeleteCriticalSection
SetConsoleTextAttribute
DisconnectNamedPipe
CreateMailslotW
IsSystemResumeAutomatic
FlushFileBuffers
GetSystemWindowsDirectoryW
SetComputerNameExW
WriteConsoleA
ReadConsoleOutputAttribute
ResetEvent
ChangeTimerQueueTimer
IsBadWritePtr
lstrcpyn
Module32Next
GetThreadLocale
WriteProfileStringW
WriteConsoleInputW
VerifyVersionInfoA
GetTapePosition
GetSystemTimeAsFileTime
GetVersionExW
GetProcessHeap
SetTapePosition
SetVolumeLabelA
FreeUserPhysicalPages
LocalHandle
GlobalFindAtomW
CreateThread
CreateTimerQueueTimer
GlobalMemoryStatusEx
GlobalAlloc
GetProcessAffinityMask
IsProcessorFeaturePresent
OpenWaitableTimerW
SetComputerNameExA
GetDiskFreeSpaceW
FindFirstChangeNotificationA
GetBinaryTypeA
GetCPInfoExA
Thread32First
FindFirstChangeNotificationW
FindCloseChangeNotification
GetMailslotInfo
GetPrivateProfileSectionA
SetThreadPriority
SetVolumeMountPointW
VirtualQueryEx
SetSystemPowerState
CreateSemaphoreW
SetThreadContext
SetErrorMode
GetTapeParameters
CreateConsoleScreenBuffer
DisableThreadLibraryCalls
TlsSetValue
TerminateJobObject
GetCommandLineW
GlobalUnWire
DosDateTimeToFileTime
GetCompressedFileSizeA
CreateNamedPipeA
GetConsoleCP
DeleteFileW
PrepareTape
BeginUpdateResourceA
Beep
GetBinaryType
HeapReAlloc
SetCurrentDirectoryW
MapUserPhysicalPages
GetEnvironmentVariableA
GetSystemPowerStatus
ReadFileScatter
GetPrivateProfileStructA
OpenEventA
GetConsoleAliasExesA
SetThreadAffinityMask

user32

SetCursor
GetWindowTextW
GetClipboardFormatNameA
EnumDisplaySettingsExA
GetClassWord
RegisterClipboardFormatW
TranslateAcceleratorA
LoadImageW
GetClassLongW
GetDoubleClickTime
DdeCreateStringHandleA
EditWndProc
DrawIconEx
GetClassNameA
DdeEnableCallback
BeginDeferWindowPos
GetIconInfo
OpenWindowStationA
SetDlgItemTextA
GetMouseMovePointsEx
WINNLSGetIMEHotkey
IsDialogMessageA
EnumPropsA
SetScrollRange
GetScrollRange
DestroyMenu
DdeQueryConvInfo
GetMenuItemRect
SetUserObjectSecurity
EnumDisplaySettingsW
SetMessageQueue
GetMessagePos
SetCaretPos
DdeInitializeW
GetThreadDesktop
RegisterWindowMessageW
CharUpperW
GetWindowThreadProcessId
GetCursor
FlashWindowEx
DrawTextExW
AllowSetForegroundWindow
TrackPopupMenuEx
UnregisterClassA
DlgDirSelectExA
GetUpdateRgn
FreeDDElParam
GetClipboardData
WaitMessage
SendMessageCallbackW
IsHungAppWindow
GetKeyNameTextW
SendMessageW
WinHelpW
LoadMenuIndirectW
SetSysColors
GetClipboardOwner
GetNextDlgTabItem
GetKeyboardLayoutNameA
CharPrevExA
GetWindowLongW
SetRect
IsCharAlphaNumericA
CreateIconFromResource
DdeFreeDataHandle
CharLowerW
SetWinEventHook
SetThreadDesktop
DdeReconnect
SetMessageExtraInfo
CheckMenuItem
CreateCursor
DdeQueryStringW
SetDoubleClickTime
ReuseDDElParam
GetTabbedTextExtentW
InsertMenuItemW
DdeGetLastError
MonitorFromWindow
GrayStringW
CreateWindowStationA
CharUpperBuffA
wsprintfW
VkKeyScanW
InvalidateRgn
GetAncestor
CountClipboardFormats
WindowFromPoint
UserHandleGrantAccess
UnloadKeyboardLayout
GetDlgItemInt
SwitchDesktop
CreateDialogIndirectParamW
SendMessageA
RegisterWindowMessageA
TranslateMDISysAccel

comdlg32

PrintDlgA
PrintDlgExW
GetOpenFileNameW
ChooseFontA
GetSaveFileNameW
GetSaveFileNameA
ChooseFontW
PageSetupDlgW
ReplaceTextW
CommDlgExtendedError
ChooseColorA
GetFileTitleA
GetFileTitleW
ReplaceTextA
GetOpenFileNameA
PrintDlgExA
PrintDlgW
FindTextA
ChooseColorW
PageSetupDlgA
FindTextW

advapi32

RegOpenKeyExW

comctl32

ImageList_Remove
ord13
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_DragEnter
ImageList_GetImageInfo
InitMUILanguage
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
ImageList_Destroy
ImageList_Duplicate
ImageList_DragLeave
CreateStatusWindowW
ImageList_DrawEx
InitializeFlatSB
ImageList_DragShowNolock
FlatSB_SetScrollInfo
CreatePropertySheetPageW
ImageList_BeginDrag
ImageList_LoadImageA
ord6
ord4
ImageList_LoadImageW
ImageList_GetImageRect
CreateToolbarEx
InitCommonControlsEx
ord14
GetMUILanguage
ImageList_GetIcon
ImageList_DrawIndirect
_TrackMouseEvent
ord7
CreatePropertySheetPage
ImageList_Replace
CreateStatusWindow
ImageList_DragMove
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetFilter
PropertySheetW
ImageList_EndDrag
ImageList_Read
ord17
ImageList_Create
FlatSB_GetScrollProp
FlatSB_SetScrollProp
ord2
ImageList_SetImageCount
ord3
ImageList_Copy
FlatSB_SetScrollRange
DrawStatusText
ImageList_Draw
ImageList_GetDragImage
UninitializeFlatSB
CreatePropertySheetPageA
ImageList_Add

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

d4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

d3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

d2
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ef916ac15c55cbd600f3413a6974ca2

Code Sign

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6aCertificate

Extended Key Usages

17:2f:7e:3d:86:cb:aa:c4:f8:a7:a3:a6:0b:79:b4:a2:47:95:9a:afSigner

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

comctl32

Sections

.text Size: 4KB - Virtual size: 3KB

d4 Size: 1024B - Virtual size: 1000B

d3 Size: 1024B - Virtual size: 1000B

d2 Size: 258KB - Virtual size: 257KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6a
Certificate

17:2f:7e:3d:86:cb:aa:c4:f8:a7:a3:a6:0b:79:b4:a2:47:95:9a:af
Signer

.text
Size: 4KB - Virtual size: 3KB

d4
Size: 1024B - Virtual size: 1000B

d3
Size: 1024B - Virtual size: 1000B

d2
Size: 258KB - Virtual size: 257KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB