4990a0213645938afbf95dc3130d4142_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4990a0213645938afbf95dc3130d4142_JaffaCakes118
Size

186KB
MD5

4990a0213645938afbf95dc3130d4142
SHA1

732920cec0ddc7ae675c14ae434e0e689e7f1e3c
SHA256

9d7cf8c0a32cc767ab6f4034d57e7d4c59d746a958071307bd85704f6673e97b
SHA512

dfd9bf3ea4f7d8553b7d1612d34ee3944683b8bb7cd5d776003d889923cf94df2f632aff8546a4d3554c0792dc9ff9b19dd217037fb48bdaabfa48c18d917dd1
SSDEEP

3072:OVbJcs/pjm5i2EUCtzN8oD/+rX8rNYhdhYRFHjsHwfqiz76E2gUc1Pq9G:WV3YRCFN82/+rXyG6VsHwftz7f

Score

1^/10

Malware Config

Signatures

Files

4990a0213645938afbf95dc3130d4142_JaffaCakes118
.dll windows:5 windows x86 arch:x86

3ac16cf8143935b5134db3c74ec1f9ae

Code Sign

6c:c2:f8:dd:07:ff:a3:7e:b4:e8:f3:14:2c:74:50:dc
Certificate

Issuer

CN=macghuecjqpauvbappsfvtitavzddrpmxsykoeedclmmicxqtzmmgetzsxhrjdbungrpiqllztpaelfyoakadvlndawhoyuknimozgswrzwdikphidlkfxeimvvwmcxiidzrnftpydqzhmqhlhwyvooubquyltkujlecquccrsrqgjtunzkszaflkeqapyfijnovqeibyscweqjahhfnhpndcttfowctbdwporumztnfmzrjquvcenxbaewntsvemrlzbpvsfwvblbwqpneunepqdverdqzytzvgjgrgdsmowpbukepwzxvompgekydtclenmbmzlleqgjfdkxwgwbqwkxckwvrmbavrbkgbateytefgcjdtcdbtisbjorzkdetjhrywwwzzeuvafwyyhmyuvmyzbtizcwebelkcdnraacvomchcrrcwqgywrlvaxqtygcksezpcjyugajokedhbrpsnjdnnpopaufpakcpaahfxwnor

Not Before

20/07/2012, 08:46

Not After

31/12/2039, 23:59

Subject

CN=macghuecjqpauvbappsfvtitavzddrpmxsykoeedclmmicxqtzmmgetzsxhrjdbungrpiqllztpaelfyoakadvlndawhoyuknimozgswrzwdikphidlkfxeimvvwmcxiidzrnftpydqzhmqhlhwyvooubquyltkujlecquccrsrqgjtunzkszaflkeqapyfijnovqeibyscweqjahhfnhpndcttfowctbdwporumztnfmzrjquvcenxbaewntsvemrlzbpvsfwvblbwqpneunepqdverdqzytzvgjgrgdsmowpbukepwzxvompgekydtclenmbmzlleqgjfdkxwgwbqwkxckwvrmbavrbkgbateytefgcjdtcdbtisbjorzkdetjhrywwwzzeuvafwyyhmyuvmyzbtizcwebelkcdnraacvomchcrrcwqgywrlvaxqtygcksezpcjyugajokedhbrpsnjdnnpopaufpakcpaahfxwnor

Extended Key Usages

ExtKeyUsageCodeSigning

01:f1:c6:3c:d6:b3:06:24:be:7d:9a:d5:6d:e9:ac:cc:c7:d1:14:cf
Signer

Actual PE Digest

01:f1:c6:3c:d6:b3:06:24:be:7d:9a:d5:6d:e9:ac:cc:c7:d1:14:cf

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress
lstrcatW
CloseHandle
VirtualAlloc
CreateFileW

user32

EndPaint
BeginPaint
PostQuitMessage
DefWindowProcA
LoadIconA

gdi32

UnrealizeObject
SetWorldTransform
SetViewportOrgEx
UpdateColors
StartDocW
TranslateCharsetInfo
GetColorAdjustment
XLATEOBJ_piVector
XFORMOBJ_iGetXform
AngleArc
BitBlt
CLIPOBJ_ppoGetPath
CancelDC
CloseEnhMetaFile
CreateDIBSection
CreateDIBitmap
CreateDiscardableBitmap
CreateEllipticRgnIndirect
CreateFontIndirectExW
CreateICW
CreatePatternBrush
CreateSolidBrush
Ellipse
EngCheckAbort
EngDeletePath
EngEraseSurface
EngFillPath
EngFindResource
EngGradientFill
EngReleaseSemaphore
EnumICMProfilesA
EnumMetaFile
EqualRgn
Escape
ExcludeClipRect
ExtEscape
FONTOBJ_pvTrueTypeFontFile
FONTOBJ_pxoGetXform
FixBrushOrgEx
FontIsLinked
GdiAddFontResourceW
GdiComment
GdiConsoleTextOut
GdiConvertPalette
GdiConvertToDevmodeW
GdiDllInitialize
GdiEntry11
GdiEntry2
GdiEntry7
GdiFixUpHandle
GdiFullscreenControl
GdiGetCharDimensions
GdiGetSpoolFileHandle
GdiPlayPageEMF
GdiReleaseLocalDC
GdiSetServerAttr
GdiSwapBuffers
GdiValidateHandle
GetBitmapBits
GetBkColor
GetCharABCWidthsI
GetCharacterPlacementW
SetTextColor
GetDCOrgEx
GetDIBits
GetGlyphOutlineWow
GetMetaFileA
GetMetaFileBitsEx
GetObjectA
GetOutlineTextMetricsW
GetPolyFillMode
GetROP2
GetStringBitmapA
GetStringBitmapW
GetTextCharacterExtra
GetTextCharset
GetTextCharsetInfo
GetWorldTransform
ModifyWorldTransform
PATHOBJ_vEnumStart
PATHOBJ_vEnumStartClipLines
PaintRgn
Pie
PlayEnhMetaFileRecord
PolyBezier
PolyDraw
PolyTextOutW
Polyline
PtVisible
RemoveFontResourceExW
RemoveFontResourceW
ResizePalette
STROBJ_vEnumStart
SetBitmapBits
SetBkColor
SetBoundsRect
SetColorSpace
SetDIBits
SetDIBitsToDevice
SetFontEnumeration
SetGraphicsMode
SetICMProfileA
SetICMProfileW
SetLayout
SetPixel
SetPolyFillMode
SetRectRgn
SetTextCharacterExtra
UpdateICMRegKeyW

advapi32

RegOpenKeyW
RegOpenKeyExW

msvcrt

_cexit
_fdopen
_strdup
_timezone
atexit
setlocale

Sections

.text
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ac16cf8143935b5134db3c74ec1f9ae

Code Sign

6c:c2:f8:dd:07:ff:a3:7e:b4:e8:f3:14:2c:74:50:dcCertificate

Extended Key Usages

01:f1:c6:3c:d6:b3:06:24:be:7d:9a:d5:6d:e9:ac:cc:c7:d1:14:cfSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 169KB - Virtual size: 168KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 460B

.data3 Size: 1024B - Virtual size: 1000B

.data2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

6c:c2:f8:dd:07:ff:a3:7e:b4:e8:f3:14:2c:74:50:dc
Certificate

01:f1:c6:3c:d6:b3:06:24:be:7d:9a:d5:6d:e9:ac:cc:c7:d1:14:cf
Signer

.text
Size: 169KB - Virtual size: 168KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 460B

.data3
Size: 1024B - Virtual size: 1000B

.data2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB