48b4afdf7858765829821b31438b8038_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

48b4afdf7858765829821b31438b8038_JaffaCakes118
Size

290KB
MD5

48b4afdf7858765829821b31438b8038
SHA1

30b5e8d185ac21bb8d19dd43151f7dd257a9f3cc
SHA256

36927e7104d99ee422c43ba14d7c4d973961f902e0156659b997111189bb4bf7
SHA512

99c3c1e3c9b9eb22f968064faab86a78fec8dbee831a5b04fdc0d940951d618e3106db88ad118458cead1ad844faee6b75884a0c770e666f5632b850944e8461
SSDEEP

6144:FXdlvdqWLqOKp/B5RyaynzgvGq6JhW71Qgtm0DTgJvj:FXd/zL0/B5YzFHCtmH

Score

1^/10

Malware Config

Signatures

Files

48b4afdf7858765829821b31438b8038_JaffaCakes118
.exe windows:4 windows x86 arch:x86

36cc86e9aa6615737205d7f9a5a076be

Code Sign

7f:f5:10:74:37:ce:c2:45:bb:be:0d:12:5f:95:2f:25
Certificate

Issuer

CN=2352323

Not Before

11-02-2012 05:41

Not After

31-12-2039 23:59

Subject

CN=2352323

Extended Key Usages

ExtKeyUsageCodeSigning

49:7a:06:e6:ce:8a:e5:ea:d0:77:23:c1:4c:2b:7a:4b:fd:ec:c0:09
Signer

Actual PE Digest

49:7a:06:e6:ce:8a:e5:ea:d0:77:23:c1:4c:2b:7a:4b:fd:ec:c0:09

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
lstrlenA
lstrcpyA
CreateFileA

user32

AllowSetForegroundWindow
ReleaseCapture
CharLowerA
ClipCursor
wsprintfA
GetShellWindow
CharToOemA
GrayStringW
PeekMessageW
CreateMenu
DestroyIcon
DdeCmpStringHandles
ShowOwnedPopups
DdeQueryStringA
LoadKeyboardLayoutA
CopyAcceleratorTableA
IsCharAlphaNumericW
wvsprintfW
DrawEdge
DefMDIChildProcW
DdeQueryNextServer
GetCaretPos
DdeQueryConvInfo
DefDlgProcW
IsDialogMessage
MessageBeep
DefWindowProcA
CharUpperBuffW
GetCursorPos
FreeDDElParam
TranslateMDISysAccel
EnumDisplaySettingsW
WaitForInputIdle
DlgDirListComboBoxW
GetInputState
DragDetect
IsIconic
InsertMenuW
CreateCursor
SetMenuInfo
CopyAcceleratorTableW
CharNextA
EnumDisplaySettingsA
ScrollWindowEx
DefDlgProcA
CreateCaret
CopyRect
ChangeClipboardChain
GetWindowPlacement
GetWindowModuleFileName
GetWindowModuleFileNameW
SetPropW
GetPriorityClipboardFormat
GetWindowDC
CharPrevExA
PostThreadMessageW
GetClassWord
GetMessageW
TrackPopupMenu
GetMenuItemRect
UnionRect
DdeNameService
RegisterHotKey
UnhookWinEvent
IMPQueryIMEW
SetActiveWindow
GetProcessDefaultLayout
SendMessageCallbackA
KillTimer
MonitorFromRect
EnumDisplayDevicesW
GetNextDlgGroupItem
ToUnicode
FindWindowExW
DrawIcon
IsCharLowerW
CharUpperA
DdeFreeStringHandle
SetForegroundWindow
SetMessageQueue
RegisterClassW
OpenInputDesktop
SetPropA
BringWindowToTop
DialogBoxIndirectParamW
MessageBoxIndirectW
OemToCharW
MapVirtualKeyExA
SetUserObjectInformationA
TabbedTextOutA
GetLastInputInfo
GetFocus
CreateDialogParamA

comctl32

CreatePropertySheetPageA
InitMUILanguage
ImageList_SetImageCount
ImageList_SetBkColor
UninitializeFlatSB
ImageList_GetIconSize
ImageList_Remove
ImageList_DragLeave
ImageList_Create
ord15
ord2
ImageList_GetImageInfo
ord7
DrawStatusTextW
ord6
ImageList_Replace
ImageList_BeginDrag
ord16
ImageList_DragEnter
ImageList_Merge
ImageList_LoadImage
FlatSB_SetScrollProp
ImageList_DragShowNolock
ImageList_GetIcon
ImageList_SetOverlayImage
ImageList_GetBkColor
CreateStatusWindow
FlatSB_ShowScrollBar
FlatSB_GetScrollInfo
CreateToolbarEx
ImageList_Destroy
ImageList_Draw
ImageList_SetDragCursorImage
ImageList_DragMove
FlatSB_SetScrollInfo
ImageList_DrawIndirect
GetMUILanguage
FlatSB_GetScrollPos
ImageList_GetDragImage
FlatSB_SetScrollPos
_TrackMouseEvent
DrawStatusText
ImageList_Write
ord8
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_ReplaceIcon
ord3
FlatSB_GetScrollRange
CreatePropertySheetPageW
InitCommonControlsEx
CreatePropertySheetPage
CreateStatusWindowW

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textF3
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textF4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textF2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36cc86e9aa6615737205d7f9a5a076be

Code Sign

7f:f5:10:74:37:ce:c2:45:bb:be:0d:12:5f:95:2f:25Certificate

Extended Key Usages

49:7a:06:e6:ce:8a:e5:ea:d0:77:23:c1:4c:2b:7a:4b:fd:ec:c0:09Signer

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 3KB - Virtual size: 2KB

.textF3 Size: 273KB - Virtual size: 273KB

.textF4 Size: 1KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.textF2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 852B

7f:f5:10:74:37:ce:c2:45:bb:be:0d:12:5f:95:2f:25
Certificate

49:7a:06:e6:ce:8a:e5:ea:d0:77:23:c1:4c:2b:7a:4b:fd:ec:c0:09
Signer

.text
Size: 3KB - Virtual size: 2KB

.textF3
Size: 273KB - Virtual size: 273KB

.textF4
Size: 1KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.textF2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 852B