47a527479d0a7de78c7df92310efd7f1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

47a527479d0a7de78c7df92310efd7f1_JaffaCakes118
Size

288KB
MD5

47a527479d0a7de78c7df92310efd7f1
SHA1

924d869ef46fa3d95c5668fdc65b263081d4319c
SHA256

362ec5d9065fa6cf41f96d6985e79e2f4d82e0f85db8eeda7a9678296e7b43ea
SHA512

7df154c5e31d773c1f98d2b2347e2bf927fd22e9f9b0829bddd670994ed21427f8207f5da2fe01e52a542aca15635cd73834e21808b4b14ee892f05bcd08c0f3
SSDEEP

6144:3KZBzsuDVxh3lyUqqLSwAohoRabwu5z469o0lZXb1slhr:UNsGVjz9A3Rrh0zmlhr

Score

1^/10

Malware Config

Signatures

Files

47a527479d0a7de78c7df92310efd7f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81fc10dbb4b074784c2387f6137cd50e

Code Sign

70:e7:24:0e:9c:31:68:6c:b8:90:13:5d:55:bb:50:47
Certificate

Issuer

CN=62esgfdgs

Not Before

23/02/2012, 09:44

Not After

31/12/2039, 23:59

Subject

CN=62esgfdgs

Extended Key Usages

ExtKeyUsageCodeSigning

16:1f:99:c7:ac:a1:e9:e4:6a:d0:fe:e5:59:b1:da:03:a1:03:be:b5
Signer

Actual PE Digest

16:1f:99:c7:ac:a1:e9:e4:6a:d0:fe:e5:59:b1:da:03:a1:03:be:b5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrlenW
lstrcpyW
CreateFileW
VirtualAlloc
GetPrivateProfileSectionA
OpenJobObjectA
ContinueDebugEvent
InitializeCriticalSection
DosDateTimeToFileTime
lstrlen
GetProfileSectionW
GetHandleInformation
GetCommMask
InitializeCriticalSectionAndSpinCount
SetThreadPriority
GetVersionExA
ReadConsoleW
EscapeCommFunction
lstrcmpi
VirtualLock
RtlMoveMemory
BuildCommDCBA
IsSystemResumeAutomatic
WriteFileGather
FindNextFileW
GetComputerNameA
FreeResource
WaitForMultipleObjectsEx
GetVolumeNameForVolumeMountPointW
Heap32ListFirst
SetMessageWaitingIndicator
Beep
GetFileAttributesA
EnumResourceNamesA
UpdateResourceW
VirtualQuery
MapUserPhysicalPages
FlushInstructionCache
GetTempPathW
CreateTapePartition
CreateMailslotW
GetSystemWindowsDirectoryW
FileTimeToSystemTime
EnumSystemCodePagesW
lstrcpyA
GetCurrentProcess
FreeConsole
DeleteCriticalSection
TlsGetValue
IsValidLocale
AreFileApisANSI
GetNumberFormatA
UnmapViewOfFile
GetExitCodeThread
Thread32First
SetProcessPriorityBoost
GetComputerNameExW
WritePrivateProfileSectionW
GetComputerNameExA
GetConsoleAliasesLengthW
ReadConsoleA
DnsHostnameToComputerNameW
HeapLock
SetConsoleCursorInfo
TerminateThread
EnumResourceLanguagesA
DeleteFileA
GetEnvironmentStrings
GetSystemInfo
GetCPInfoExW
GetFileSize
GetMailslotInfo
SetLocalTime
EndUpdateResourceW
FillConsoleOutputAttribute
GetSystemDefaultLangID
GetCPInfoExA
_lcreat
CreateConsoleScreenBuffer
GetProfileIntA
DuplicateHandle
GetCurrentProcessId
CompareFileTime
WriteProfileStringA
Process32FirstW
GlobalUnWire
CopyFileExW
GetConsoleCursorInfo
GetTimeFormatA
Module32NextW
CreateFileMappingW
PurgeComm
WriteConsoleOutputAttribute
SetProcessAffinityMask
_lread
GlobalFlags
CreateRemoteThread
GetStringTypeExW
GetTapeStatus
SetCurrentDirectoryA
GenerateConsoleCtrlEvent
HeapValidate
FindNextChangeNotification
SetFileApisToANSI
DeleteAtom
GetSystemPowerStatus
IsProcessorFeaturePresent
GetFileAttributesExW
CreateNamedPipeW
GetConsoleAliasExesLengthW
DefineDosDeviceW
WritePrivateProfileStringA
GetCommConfig
EnumSystemLocalesW
GetCommandLineA
VerifyVersionInfoW
HeapSize
GetDiskFreeSpaceExA
SetEndOfFile
SetConsoleTextAttribute
FatalAppExitW
SetSystemTimeAdjustment
SetProcessShutdownParameters
WriteConsoleInputW
FindFirstVolumeMountPointW
GetNamedPipeInfo
ScrollConsoleScreenBufferA
GetCommandLineW
GetCommState
GetConsoleAliasesW
CompareStringA
GetComputerNameW
SetVolumeLabelW
MulDiv
FindResourceExA
SetSystemPowerState
ReadFileEx
GetFullPathNameA
SetFileTime
SetHandleCount
WaitNamedPipeA
SetConsoleMode

advapi32

RegOpenKeyExW

comctl32

ImageList_GetImageRect
ImageList_SetDragCursorImage
ImageList_Destroy
FlatSB_SetScrollPos
ImageList_Remove
FlatSB_EnableScrollBar
ImageList_DragShowNolock
CreatePropertySheetPage
ImageList_Duplicate
CreatePropertySheetPageA
FlatSB_SetScrollInfo
FlatSB_GetScrollRange
PropertySheetA
ImageList_SetImageCount
ord13
ImageList_GetBkColor
ImageList_Copy
ord14
FlatSB_SetScrollRange
ImageList_LoadImageW
ImageList_SetIconSize
DrawStatusText
ImageList_BeginDrag
UninitializeFlatSB
PropertySheetW
CreateToolbarEx
InitMUILanguage
ImageList_EndDrag
ImageList_Draw
ord6
FlatSB_GetScrollPos
ImageList_LoadImage
ImageList_Merge
ImageList_DragMove
ImageList_GetDragImage
ImageList_GetIconSize
_TrackMouseEvent
ord2
ImageList_GetImageInfo
CreatePropertySheetPageW
ImageList_SetBkColor
ImageList_DragEnter
ImageList_Replace
ImageList_DrawIndirect
ImageList_GetImageCount
ord17
ImageList_SetOverlayImage
ord4
ord15
InitializeFlatSB
CreateStatusWindowW
ImageList_Write
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_Create
ImageList_LoadImageA
ImageList_Add
ord8
PropertySheet
FlatSB_GetScrollInfo
FlatSB_GetScrollProp
ord16
ImageList_AddMasked
ImageList_Read
ImageList_SetFilter
ImageList_DragLeave
FlatSB_SetScrollProp
ord3
CreateStatusWindow
GetMUILanguage
InitCommonControlsEx
ImageList_GetIcon

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text11
Size: 263KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text12
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textH3
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH4
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH1
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH5
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH6
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH7
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH8
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH9
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH10
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH11
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81fc10dbb4b074784c2387f6137cd50e

Code Sign

70:e7:24:0e:9c:31:68:6c:b8:90:13:5d:55:bb:50:47Certificate

Extended Key Usages

16:1f:99:c7:ac:a1:e9:e4:6a:d0:fe:e5:59:b1:da:03:a1:03:be:b5Signer

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

Sections

.text Size: 4KB - Virtual size: 3KB

.text11 Size: 263KB - Virtual size: 263KB

.text12 Size: 2KB - Virtual size: 1KB

.textH3 Size: 512B - Virtual size: 500B

.textH4 Size: 512B - Virtual size: 500B

.textH1 Size: 512B - Virtual size: 500B

.textH5 Size: 512B - Virtual size: 500B

.textH6 Size: 512B - Virtual size: 500B

.textH7 Size: 512B - Virtual size: 500B

.textH8 Size: 512B - Virtual size: 500B

.textH9 Size: 512B - Virtual size: 500B

.textH10 Size: 512B - Virtual size: 500B

.textH11 Size: 512B - Virtual size: 500B

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

70:e7:24:0e:9c:31:68:6c:b8:90:13:5d:55:bb:50:47
Certificate

16:1f:99:c7:ac:a1:e9:e4:6a:d0:fe:e5:59:b1:da:03:a1:03:be:b5
Signer

.text
Size: 4KB - Virtual size: 3KB

.text11
Size: 263KB - Virtual size: 263KB

.text12
Size: 2KB - Virtual size: 1KB

.textH3
Size: 512B - Virtual size: 500B

.textH4
Size: 512B - Virtual size: 500B

.textH1
Size: 512B - Virtual size: 500B

.textH5
Size: 512B - Virtual size: 500B

.textH6
Size: 512B - Virtual size: 500B

.textH7
Size: 512B - Virtual size: 500B

.textH8
Size: 512B - Virtual size: 500B

.textH9
Size: 512B - Virtual size: 500B

.textH10
Size: 512B - Virtual size: 500B

.textH11
Size: 512B - Virtual size: 500B

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB