47d9f73114948dac71167490b48efe10_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

47d9f73114948dac71167490b48efe10_JaffaCakes118
Size

45KB
MD5

47d9f73114948dac71167490b48efe10
SHA1

cafe477c1b39452f25085145e58d59d7bc9b7a09
SHA256

c63acc21bd571bd22743686c79b9d52128bcc9f277973f92c48b6511cfe66dbd
SHA512

d0913c8cf48896cbce9d183b63361065f69df0f3b674d85fafafd6e5c5273b49456633e6f06cb88b547923ded75e58ff8286439c975e296d38757000a5835041
SSDEEP

768:YIhi3I9NV/K0a8pWNp1ndqvG1fGKAjHslK1ycDNyPRz:fhi49fo/7Y8

Score

1^/10

Malware Config

Signatures

Files

47d9f73114948dac71167490b48efe10_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8711c024c2cf432e8029b8cd92b75f42

Code Sign

0f:1d:b0:a6:2c:6d:d5:b2:47:86:46:85:24:2c:9b:18
Certificate

Issuer

CN=t123612333

Not Before

05/02/2012, 18:21

Not After

31/12/2039, 23:59

Subject

CN=t123612333

Extended Key Usages

ExtKeyUsageCodeSigning

25:50:9d:f5:00:61:d6:33:43:cb:db:2d:1a:b8:46:3e:12:7c:91:59
Signer

Actual PE Digest

25:50:9d:f5:00:61:d6:33:43:cb:db:2d:1a:b8:46:3e:12:7c:91:59

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCommConfig
SetCommState
SetComputerNameExA
SetComputerNameExW
SetComputerNameW
SetConsoleMode
SetEnvironmentVariableA
SetFileAttributesA
SetFileTime
SetPriorityClass
SetStdHandle
SetCalendarInfoW
SetWaitableTimer
SignalObjectAndWait
Sleep
TerminateJobObject
TlsFree
TransactNamedPipe
UnlockFileEx
WriteFileGather
WriteProfileStringA
WriteTapemark
lstrcpyA
ResetWriteWatch
ReadConsoleOutputW
ReadConsoleInputW
QueryPerformanceFrequency
MoveFileExW
Module32First
LockFile
LocalShrink
LocalFileTimeToFileTime
LoadResource
IsBadStringPtrA
HeapAlloc
Heap32ListFirst
GlobalUnlock
GlobalSize
GlobalMemoryStatusEx
GlobalMemoryStatus
GlobalHandle
GlobalAddAtomA
GetWindowsDirectoryW
GetVersion
GetUserDefaultLCID
GetTimeFormatW
GetTimeFormatA
GetThreadSelectorEntry
GetTempFileNameA
GetSystemDefaultLangID
GetStringTypeA
GetProcessPriorityBoost
GetNumberFormatW
GetLongPathNameW
GetLocalTime
GetDiskFreeSpaceExA
GetCurrentThreadId
GetCurrentDirectoryA
GetCurrencyFormatA
GetConsoleTitleW
GetConsoleAliasesLengthA
GetComputerNameExA
GetCommState
GetCommMask
GetBinaryTypeW
GetAtomNameW
FormatMessageW
FoldStringA
FindResourceExA
FindResourceA
FindFirstVolumeMountPointA
FillConsoleOutputAttribute
EnumLanguageGroupLocalesW
EnumResourceNamesA
EnumDateFormatsExW
EnumCalendarInfoW
EndUpdateResourceA
DnsHostnameToComputerNameA
CreateTimerQueueTimer
CreateSemaphoreW
CreateRemoteThread
CreateProcessW
CreateProcessA
CreateEventW
CreateDirectoryW
CopyFileExW
CopyFileA
CompareStringA
ChangeTimerQueueTimer
BuildCommDCBAndTimeoutsW
BuildCommDCBAndTimeoutsA
BeginUpdateResourceW
LoadLibraryA
GetProcAddress
SetThreadContext
VirtualAlloc

gdi32

cGetTTFFromFOT
XFORMOBJ_bApplyXform
UnloadNetworkFonts
StartDocW
SetStretchBltMode
SetMapMode
SetLayout
SetDIBColorTable
SetBkMode
SelectPalette
SaveDC
RemoveFontResourceTracking
PtInRegion
Polyline
PolyDraw
PlayEnhMetaFile
PATHOBJ_vEnumStart
GetTextFaceAliasW
GetTextExtentExPointA
GetNearestPaletteIndex
GetLayout
GetFontAssocStatus
GetDeviceCaps
GetDCOrgEx
GetCurrentPositionEx
GetCurrentObject
GetBitmapDimensionEx
GdiGetPageHandle
GdiGetDevmodeForPage
GdiGetCharDimensions
GdiDeleteSpoolFileHandle
GdiComment
FlattenPath
FONTOBJ_pxoGetXform
EngGetDriverName
EngCreateSemaphore
EngBitBlt
EngAcquireSemaphore
EndDoc
CreateMetaFileW
CreateFontIndirectW
CreateFontIndirectA
CreateDCA
CombineTransform
ChoosePixelFormat
CheckColorsInGamut
CLIPOBJ_bEnum
AnyLinkedFonts
GetStockObject
gdiPlaySpoolStream

comdlg32

ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
FindTextA
CommDlgExtendedError
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA
ReplaceTextW

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.set
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uuj
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8711c024c2cf432e8029b8cd92b75f42

Code Sign

0f:1d:b0:a6:2c:6d:d5:b2:47:86:46:85:24:2c:9b:18Certificate

Extended Key Usages

25:50:9d:f5:00:61:d6:33:43:cb:db:2d:1a:b8:46:3e:12:7c:91:59Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

comdlg32

Sections

.text Size: 6KB - Virtual size: 6KB

.set Size: 25KB - Virtual size: 25KB

.uuj Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 152B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

0f:1d:b0:a6:2c:6d:d5:b2:47:86:46:85:24:2c:9b:18
Certificate

25:50:9d:f5:00:61:d6:33:43:cb:db:2d:1a:b8:46:3e:12:7c:91:59
Signer

.text
Size: 6KB - Virtual size: 6KB

.set
Size: 25KB - Virtual size: 25KB

.uuj
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 152B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB