41c6d784e057af3c489c2695597d6658_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

41c6d784e057af3c489c2695597d6658_JaffaCakes118
Size

76KB
MD5

41c6d784e057af3c489c2695597d6658
SHA1

c06753ec550cafba43479a2be25bb1c4cc9dcb13
SHA256

ca473abe7f45cf38f385f3bf43427de2e74de2725056f3a6c7f67023d82f5a23
SHA512

3757965a91b21f4298c23969e317e555283fb5774c1e82b80d112ceb09a5c577bdc90eaa2fe9fcc6ae590852ab88fc27f03e1788f9cde186f51aa5cf3ca4ae80
SSDEEP

1536:U7dVkO23r0L77MoraHTvdNo5BcxBJA2d:k2brmuHRNoGrA

Score

1^/10

Malware Config

Signatures

Files

41c6d784e057af3c489c2695597d6658_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6de61fea23a0ac305d76a76c31a3705c

Code Sign

40:63:aa:a3:eb:98:8e:6e:b2:9a:f7:9e:a0:c1:93:33
Certificate

Issuer

CN=erqwerqwert23623

Not Before

05/03/2012, 06:09

Not After

31/12/2039, 23:59

Subject

CN=erqwerqwert23623

Extended Key Usages

ExtKeyUsageCodeSigning

74:da:12:85:ab:31:35:47:5b:85:5c:b6:5d:c9:48:b0:1d:3e:80:ce
Signer

Actual PE Digest

74:da:12:85:ab:31:35:47:5b:85:5c:b6:5d:c9:48:b0:1d:3e:80:ce

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
GetCommState
lstrcpyA
lstrlenA
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
CreateFileA
VirtualAlloc

user32

ActivateKeyboardLayout
AnimateWindow
AttachThreadInput
BeginDeferWindowPos
ChangeClipboardChain
CharPrevA
CheckMenuItem
ChildWindowFromPointEx
CopyRect
CreateMDIWindowA
CreateWindowExA
DdeGetData
DdeQueryStringW
DdeReconnect
DefFrameProcA
DefFrameProcW
DefWindowProcA
DeregisterShellHookWindow
DestroyMenu
DispatchMessageW
DlgDirListA
DlgDirListComboBoxW
DrawEdge
DrawFrame
DrawStateW
EnableMenuItem
EnumDesktopsA
EnumDisplaySettingsA
EnumDisplaySettingsExW
EqualRect
FindWindowW
GetCaretPos
GetCursorInfo
GetDCEx
GetDlgItemTextA
GetKeyNameTextA
GetKeyboardLayoutList
GetMenuDefaultItem
GetMenuItemInfoA
GetMenuItemInfoW
GetMessageTime
GetMonitorInfoW
GetNextDlgGroupItem
GetNextDlgTabItem
GetPriorityClipboardFormat
GetShellWindow
GetSubMenu
GetSysColorBrush
GetSystemMetrics
GetWindowInfo
GetWindowRgn
GetWindowTextLengthA
ImpersonateDdeClientWindow
IsCharAlphaNumericW
IsDialogMessage
IsDlgButtonChecked
IsHungAppWindow
LoadBitmapA
LoadCursorW
LoadImageW
LoadStringW
LockSetForegroundWindow
MapVirtualKeyExA
MessageBoxW
OemToCharBuffA
OemToCharW
OpenDesktopW
OpenWindowStationW
PaintDesktop
PostMessageW
RegisterClipboardFormatW
RegisterDeviceNotificationA
RemoveMenu
RemovePropA
ReuseDDElParam
ScrollWindow
SendMessageW
SetDeskWallpaper
SetDlgItemTextW
SetMessageQueue
SetProcessWindowStation
SetPropW
SetShellWindow
SetSysColors
SetWindowLongA
SetWindowPlacement
SetWindowRgn
SetWindowsHookExA
ShowCursor
UnregisterHotKey
wsprintfW
wvsprintfW

ole32

CLIPFORMAT_UserFree
CLIPFORMAT_UserMarshal
CLIPFORMAT_UserSize
CLSIDFromProgID
CoDeactivateObject
CoDisableCallCancellation
CoDisconnectObject
CoFreeAllLibraries
CoFreeUnusedLibraries
CoGetCallerTID
CoGetCancelObject
CoGetClassVersion
CoGetCurrentProcess
CoGetPSClsid
CoGetStandardMarshal
CoInitializeEx
CoIsOle1Class
CoLoadLibrary
CoLockObjectExternal
CoQueryAuthenticationServices
CoQueryProxyBlanket
CoRegisterChannelHook
CoRegisterClassObject
CoRegisterSurrogate
CoRevertToSelf
CoSetCancelObject
CoSuspendClassObjects
CoTaskMemFree
CoTestCancel
CoTreatAsClass
CoUnloadingWOW
CoUnmarshalHresult
CreateAntiMoniker
CreateBindCtx
CreateGenericComposite
DllGetClassObjectWOW
DoDragDrop
EnableHookObject
FmtIdToPropStgName
FreePropVariantArray
GetClassFile
GetHookInterface
HACCEL_UserMarshal
HBITMAP_UserFree
HBITMAP_UserMarshal
HBITMAP_UserSize
HBRUSH_UserFree
HBRUSH_UserSize
HENHMETAFILE_UserSize
HICON_UserSize
HMENU_UserSize
HMENU_UserUnmarshal
HMETAFILEPICT_UserMarshal
HMETAFILE_UserFree
HMETAFILE_UserSize
HPALETTE_UserMarshal
MonikerCommonPrefixWith
MonikerRelativePathTo
OleConvertIStorageToOLESTREAMEx
OleCreate
OleCreateLinkEx
OleCreateLinkFromDataEx
OleDuplicateData
OleGetAutoConvert
OleIsCurrentClipboard
OleRegEnumVerbs
OleSave
OleSetMenuDescriptor
OpenOrCreateStream
ProgIDFromCLSID
PropStgNameToFmtId
ReadClassStg
SetDocumentBitStg
StgCreateDocfile
StgCreateDocfileOnILockBytes
StgCreateStorageEx
StgOpenStorage
StgSetTimes
UtConvertDvtd16toDvtd32
WdtpInterfacePointer_UserSize
WriteClassStg
WriteClassStm

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6de61fea23a0ac305d76a76c31a3705c

Code Sign

40:63:aa:a3:eb:98:8e:6e:b2:9a:f7:9e:a0:c1:93:33Certificate

Extended Key Usages

74:da:12:85:ab:31:35:47:5b:85:5c:b6:5d:c9:48:b0:1d:3e:80:ceSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 980B

.text Size: 61KB - Virtual size: 61KB

.text2 Size: 1024B - Virtual size: 800B

.reloc Size: 1KB - Virtual size: 1KB

40:63:aa:a3:eb:98:8e:6e:b2:9a:f7:9e:a0:c1:93:33
Certificate

74:da:12:85:ab:31:35:47:5b:85:5c:b6:5d:c9:48:b0:1d:3e:80:ce
Signer

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 980B

.text
Size: 61KB - Virtual size: 61KB

.text2
Size: 1024B - Virtual size: 800B

.reloc
Size: 1KB - Virtual size: 1KB