40449eaf8c165c6d8f667776aba73d9e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40449eaf8c165c6d8f667776aba73d9e_JaffaCakes118
Size

21KB
MD5

40449eaf8c165c6d8f667776aba73d9e
SHA1

04b092514682939b2d75736d5fab3fb9a64a7033
SHA256

13860256b2f63c7b7256e06c80bcbfc42a46bed326377ef0548a1a1d9c43f71f
SHA512

3b9e4b2ba63f13ccf5ebba41424252635724881fdfd3979e2b023bb10201d1c4e50b6742d921b783fe86db29a7e61a0abf19ddfc6984df4ad748f68dd3de7715
SSDEEP

384:357z1dRieGy8i7zH6Y1MGaMcXVJymIuW2PZhh4WWieZW8B:J7z1LiJgzH6YFg0uW2PZhhdeD

Score

1^/10

Malware Config

Signatures

Files

40449eaf8c165c6d8f667776aba73d9e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

59c188aed971bd231e021609f43c2f49

Code Sign

60:29:be:36:38:c4:8a:74:bb:5e:b2:8f:90:0a:7f:8c
Certificate

Issuer

CN=yFfJFQjZS5cVSsx

Not Before

20/03/2012, 06:07

Not After

31/12/2039, 23:59

Subject

CN=yFfJFQjZS5cVSsx

Extended Key Usages

ExtKeyUsageCodeSigning

b5:93:39:69:f1:a4:37:8a:73:be:9a:d9:fd:8f:9c:dd:5e:0b:3a:a0
Signer

Actual PE Digest

b5:93:39:69:f1:a4:37:8a:73:be:9a:d9:fd:8f:9c:dd:5e:0b:3a:a0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetProcAddress
GetModuleHandleA

msvcrt

memset

user32

wsprintfW
WINNLSEnableIME
VkKeyScanW
VkKeyScanExW
UnloadKeyboardLayout
UnionRect
SubtractRect
SetWindowsHookExW
SetWindowLongA
SetMessageExtraInfo
SetMenuDefaultItem
SetMenu
SetKeyboardState
SetDebugErrorLevel
SetClassWord
SendNotifyMessageW
SendMessageCallbackW
SendMessageCallbackA
SendMessageA
ScreenToClient
RemovePropW
RemovePropA
RegisterShellHookWindow
RegisterDeviceNotificationW
PostQuitMessage
PeekMessageW
PackDDElParam
OpenClipboard
OemToCharW
OemToCharBuffA
NotifyWinEvent
MonitorFromWindow
MessageBoxW
MessageBoxA
MapWindowPoints
LookupIconIdFromDirectory
IsRectEmpty
IsHungAppWindow
GetWindowThreadProcessId
GetWindowPlacement
GetWindowInfo
GetWindowDC
GetUserObjectInformationA
GetUpdateRgn
GetSystemMenu
GetShellWindow
GetPriorityClipboardFormat
GetMouseMovePointsEx
GetMonitorInfoW
GetMenuStringW
GetMenuState
GetMenuDefaultItem
GetLastActivePopup
GetIconInfo
GetComboBoxInfo
GetClipboardViewer
GetClassLongW
GetCaretPos
GetAncestor
EnumPropsW
EnumPropsExA
EnumPropsA
EnumDisplaySettingsW
EnumDisplayDevicesA
EnumDesktopsW
EnumClipboardFormats
EnableScrollBar
DrawEdge
DrawAnimatedRects
DispatchMessageW
DialogBoxIndirectParamW
DestroyMenu
DefWindowProcA
DdeQueryStringA
DdeKeepStringHandle
DdeInitializeW
DdeImpersonateClient
DdeAbandonTransaction
CreateWindowStationW
CreateWindowExA
CreatePopupMenu
CreateDialogParamA
CreateCursor
CloseDesktop
CheckMenuRadioItem
ChangeMenuA
ChangeDisplaySettingsExW
CascadeChildWindows
CallMsgFilterW
CallMsgFilterA
BlockInput
WinHelpW

gdi32

CombineTransform
CloseEnhMetaFile
Arc
XLATEOBJ_iXlate
UpdateColors
UnloadNetworkFonts
SetWindowExtEx
SetTextCharacterExtra
SetMagicColors
SetICMProfileW
SetColorAdjustment
SetBitmapDimensionEx
SetBitmapBits
SelectObject
SelectFontLocal
SaveDC
STROBJ_vEnumStart
STROBJ_bGetAdvanceWidths
RoundRect
ResetDCW
RemoveFontResourceTracking
PlgBlt
PATHOBJ_vEnumStart
OffsetRgn
NamedEscape
InvertRgn
HT_Get8BPPFormatPalette
GetTextExtentPointA
GetTextColor
GetTextAlign
GetRelAbs
GetRegionData
GetPixelFormat
GetObjectType
GetMetaFileBitsEx
GetKerningPairsA
GetGlyphOutlineW
GetGlyphOutline
GetDeviceGammaRamp
GetCurrentObject
GetCharacterPlacementA
GetCharWidthA
GetCharABCWidthsI
GetCharABCWidthsFloatA
GetBitmapBits
GdiSwapBuffers
GdiSetLastError
GdiSetAttrs
GdiPlayScript
GdiPlayPrivatePageEMF
GdiGetDevmodeForPage
GdiFixUpHandle
GdiEntry8
GdiConvertRegion
GdiConvertFont
GdiConvertBitmap
GdiConvertAndCheckDC
GdiAddGlsBounds
FillRgn
FONTOBJ_vGetInfo
ExtTextOutA
ExtFloodFill
ExtCreatePen
EnumFontsA
EnumFontFamiliesW
EnumFontFamiliesExA
EnumEnhMetaFile
EngWideCharToMultiByte
EngUnlockSurface
EngUnicodeToMultiByteN
EngQueryEMFInfo
EngFreeModule
EngCreateSemaphore
EnableEUDC
Ellipse
DeviceCapabilitiesExW
DeviceCapabilitiesExA
DeleteEnhMetaFile
DeleteDC
DeleteColorSpace
CreatePolygonRgn
CreatePolyPolygonRgn
CreatePenIndirect
CreateFontW
CreateEnhMetaFileW
CreateEllipticRgnIndirect
CreateDIBitmap
CreateColorSpaceW
CopyEnhMetaFileW
AddFontResourceExA

advapi32

RegOpenKeyExW

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59c188aed971bd231e021609f43c2f49

Code Sign

60:29:be:36:38:c4:8a:74:bb:5e:b2:8f:90:0a:7f:8cCertificate

Extended Key Usages

b5:93:39:69:f1:a4:37:8a:73:be:9a:d9:fd:8f:9c:dd:5e:0b:3a:a0Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

advapi32

Sections

.text Size: 14KB - Virtual size: 14KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 2KB

60:29:be:36:38:c4:8a:74:bb:5e:b2:8f:90:0a:7f:8c
Certificate

b5:93:39:69:f1:a4:37:8a:73:be:9a:d9:fd:8f:9c:dd:5e:0b:3a:a0
Signer

.text
Size: 14KB - Virtual size: 14KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 2KB