4713b1545a1d26462397251f58cdf398_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4713b1545a1d26462397251f58cdf398_JaffaCakes118
Size

293KB
MD5

4713b1545a1d26462397251f58cdf398
SHA1

693bc85e53ee29785074a32e6a6a3af1c5037882
SHA256

04022b3e3ff5ebbd5664134e2b9c8c89f0ecbfbd466110421bcd930abb43776b
SHA512

8739d2f8aa911a0208a687ea1a570706ebf015ff445e7300518b0014f797ad7ecc8e7eb63bab1742e8c456a121c3eeb04655a0bf10deb4ab2c0d73c426e57b68
SSDEEP

6144:XPdM7MANEVzGlcEDUl4qaRYVQiJTGbusJRhgnGXcND7Xm2BeddhMHSEVoH:SNEh8cSLqd9sisDhgnGKBBedDMyEVy

Score

1^/10

Malware Config

Signatures

Files

4713b1545a1d26462397251f58cdf398_JaffaCakes118
.exe windows:4 windows x86 arch:x86

001acfa1c7ef8aa1a8bdc2548f818da7

Code Sign

74:48:7d:56:15:ac:a8:4b:b1:09:39:39:ae:6c:14:77
Certificate

Issuer

CN=ggggggggg

Not Before

17-01-2012 12:30

Not After

31-12-2039 23:59

Subject

CN=ggggggggg

Extended Key Usages

ExtKeyUsageCodeSigning

88:8a:a8:f6:05:10:d5:25:0d:0b:18:f9:dc:40:d3:11:7f:ff:f2:3a
Signer

Actual PE Digest

88:8a:a8:f6:05:10:d5:25:0d:0b:18:f9:dc:40:d3:11:7f:ff:f2:3a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationA
SetThreadLocale
GetDateFormatW
GlobalMemoryStatus
SetThreadPriorityBoost
SetTapePosition
LocalLock
lstrcmpi
GenerateConsoleCtrlEvent
FreeConsole
MoveFileWithProgressA
GetVersionExA
SetConsoleActiveScreenBuffer
BindIoCompletionCallback
ChangeTimerQueueTimer
GetFileSize
IsDebuggerPresent
SetFileAttributesA
GetQueuedCompletionStatus
GetExitCodeThread
MoveFileWithProgressW
HeapUnlock
GetCommState
ReadConsoleOutputA
GetConsoleTitleW
GetProcessHeap
WaitCommEvent
LocalSize
GlobalFindAtomW
GlobalFlags
OpenProcess
GetVersionExW
OpenFileMappingW
GetProcAddress
FormatMessageA
HeapWalk
GetFileAttributesA
SetMailslotInfo
EndUpdateResourceA
lstrcpyW
PurgeComm
EnumResourceNamesW
GlobalAddAtomA
GetACP
SetDefaultCommConfigA
VerSetConditionMask
CompareStringW
GetPrivateProfileSectionNamesA
Thread32First
GetLocaleInfoA
GlobalGetAtomNameA
QueryDosDeviceW
HeapLock
SetEndOfFile
GetProcessShutdownParameters
IsBadStringPtrA
FindFirstVolumeW
LoadLibraryExA
GetFileAttributesExA
QueryPerformanceCounter
SetEnvironmentVariableW
GetCommandLineA
EnumDateFormatsExA
CancelWaitableTimer
WriteProfileStringA
RtlUnwind
GetCPInfo
lstrcpy
GetLastError
GetStartupInfoA
VirtualLock
GetVolumePathNameA
CreateTimerQueueTimer
HeapSize
SetConsoleMode
_lwrite
HeapAlloc
OpenWaitableTimerA
CreateSemaphoreW
FillConsoleOutputCharacterW
CreateNamedPipeW
CommConfigDialogA
GetCompressedFileSizeW
SetCommMask
ScrollConsoleScreenBufferA
CreateMutexA
CreateRemoteThread
IsBadReadPtr
FindNextVolumeA
InterlockedIncrement
GetThreadSelectorEntry
WideCharToMultiByte
FreeEnvironmentStringsA
VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
GetModuleHandleA

user32

GetCaretPos
GetClipCursor
SetPropW
InvalidateRect
UnregisterDeviceNotification
GetDesktopWindow
DestroyWindow
FrameRect
PostMessageA
DdeUninitialize
SetUserObjectInformationW
CreateAcceleratorTableA
GetMenuStringA
CountClipboardFormats
CloseWindowStation
RealGetWindowClassW
CharToOemBuffA
GetWindowDC
RegisterDeviceNotificationW
CharLowerA
GetClassWord
GetAsyncKeyState
SendInput
SetLayeredWindowAttributes
LookupIconIdFromDirectoryEx
IsDlgButtonChecked
AppendMenuW
ChangeMenuW
OemKeyScan
FillRect
OemToCharBuffA
SetProcessDefaultLayout
SetKeyboardState
GetAltTabInfo
RegisterWindowMessageW
EnumThreadWindows
RegisterClassExA
GetWindowModuleFileName
GetKeyboardLayout
DrawTextW
CreatePopupMenu
SendDlgItemMessageA
ChildWindowFromPointEx
SetMessageQueue
DdeSetUserHandle
SetCursor
GetClipboardFormatNameA
ScrollWindowEx
OemToCharW
SetDoubleClickTime
DrawFrame
IsWindowVisible
ChangeDisplaySettingsA
GetDlgItemInt
GetKeyboardLayoutList
LoadAcceleratorsA
CharToOemW
UpdateWindow
GetIconInfo
SetLastErrorEx
RegisterClassA
IMPSetIMEA
ModifyMenuW
GetListBoxInfo
RegisterClipboardFormatW
SetDlgItemTextW
SetWindowLongA
EnumChildWindows
IsIconic
GetMenuItemCount
ValidateRect
CreateIcon
IsRectEmpty
GetKeyboardLayoutNameA
GetWindow
MsgWaitForMultipleObjects
CreateDialogParamW
GetPropA
GetDCEx
GetDC
IsWindow
CloseWindow
GetDlgItem
CharPrevExA
GetPropW
GetShellWindow
IsDialogMessageA
LoadIconA

advapi32

RegOpenKeyExW

ole32

HMETAFILEPICT_UserFree
HICON_UserUnmarshal
CoGetPSClsid
CoRevertToSelf
WdtpInterfacePointer_UserFree
SetConvertStg
CoGetMalloc
OleSaveToStream
CLSIDFromString
StgOpenStorageOnILockBytes
CoUninitialize
CoMarshalHresult
CoGetInterfaceAndReleaseStream
UtGetDvtd32Info
CoRegisterPSClsid
OleCreateFromDataEx
CoDisableCallCancellation
OleCreateFromFileEx
MkParseDisplayName
CreateStdProgressIndicator
OleConvertIStorageToOLESTREAMEx
OleCreateEmbeddingHelper
HMETAFILE_UserSize
HBITMAP_UserMarshal
OleQueryLinkFromData
PropStgNameToFmtId
GetClassFile
OleLoad
FreePropVariantArray
GetConvertStg
HWND_UserUnmarshal
CoGetStdMarshalEx
OleSetMenuDescriptor
CoGetInstanceFromIStorage
WriteOleStg
HENHMETAFILE_UserFree
CoGetCurrentProcess
HMETAFILE_UserFree
OleRegEnumFormatEtc
HENHMETAFILE_UserMarshal
OleRegGetUserType
OleLoadFromStream
ProgIDFromCLSID
HkOleRegisterObject
UtConvertDvtd16toDvtd32
CoGetInstanceFromFile
WriteClassStg
CoLoadLibrary
CoAddRefServerProcess
CoQueryProxyBlanket
ReadClassStg
CoRevokeMallocSpy
HBRUSH_UserFree
CoGetCallerTID
CoGetMarshalSizeMax
HMETAFILEPICT_UserUnmarshal
CoAllowSetForegroundWindow
CoTaskMemFree
CoQueryClientBlanket
OleCreateDefaultHandler
HGLOBAL_UserSize
CoBuildVersion
CoCancelCall
HICON_UserSize
StgCreateDocfile
CoSuspendClassObjects
EnableHookObject
OleDraw
OleConvertOLESTREAMToIStorageEx
MonikerCommonPrefixWith
OleSetContainedObject
CLIPFORMAT_UserSize
HGLOBAL_UserFree
SNB_UserFree
CoRegisterSurrogate
HPALETTE_UserSize
CoReleaseMarshalData
OleNoteObjectVisible
CoTaskMemRealloc
CoTreatAsClass
StgCreatePropStg
OleDoAutoConvert
OleTranslateAccelerator
SetDocumentBitStg
CoGetObjectContext

Sections

.text
Size: 259KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

001acfa1c7ef8aa1a8bdc2548f818da7

Code Sign

74:48:7d:56:15:ac:a8:4b:b1:09:39:39:ae:6c:14:77Certificate

Extended Key Usages

88:8a:a8:f6:05:10:d5:25:0d:0b:18:f9:dc:40:d3:11:7f:ff:f2:3aSigner

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 259KB - Virtual size: 258KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 23KB - Virtual size: 22KB

.reloc Size: 1KB - Virtual size: 1KB

74:48:7d:56:15:ac:a8:4b:b1:09:39:39:ae:6c:14:77
Certificate

88:8a:a8:f6:05:10:d5:25:0d:0b:18:f9:dc:40:d3:11:7f:ff:f2:3a
Signer

.text
Size: 259KB - Virtual size: 258KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 23KB - Virtual size: 22KB

.reloc
Size: 1KB - Virtual size: 1KB