4d7153ebd6d51ffac6c4a8f9563c08b9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4d7153ebd6d51ffac6c4a8f9563c08b9_JaffaCakes118
Size

185KB
MD5

4d7153ebd6d51ffac6c4a8f9563c08b9
SHA1

e5dfab959fab222e7514686f7420fd7f7985f11c
SHA256

97bceec08b90ee27e4aedce7367b672d31a2dd876569e480c8a8631a9d18a122
SHA512

da764ae962c8d71c55afcc0c70a4e9a47aa1af64dfc8e663af3dab9b2fc95000941e421bb21c0018b22b2890461d0e90b422965ad01ea78c0b9a51de359471ed
SSDEEP

3072:/Ww2m6S+MyDafJhyabt+Ho3MU4Ocnq1axu9eDnZC1zDzvEahvT84qF8A:OwHsaxhdsHo3p4Ouu9eDnZC1zRQp

Score

1^/10

Malware Config

Signatures

Files

4d7153ebd6d51ffac6c4a8f9563c08b9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ca862986eb298d5f044ec6efa70b657c

Code Sign

77:4c:30:b8:0c:cb:89:4e:bf:d3:01:63:14:4a:12:5b
Certificate

Issuer

CN=wwYQgloQ1QSh7PP

Not Before

20/03/2012, 12:24

Not After

31/12/2039, 23:59

Subject

CN=wwYQgloQ1QSh7PP

Extended Key Usages

ExtKeyUsageCodeSigning

46:5d:d5:d6:f9:3b:8d:28:27:13:52:48:b4:35:8b:43:0e:3b:88:f1
Signer

Actual PE Digest

46:5d:d5:d6:f9:3b:8d:28:27:13:52:48:b4:35:8b:43:0e:3b:88:f1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
VirtualAlloc
lstrlenW
lstrcpyW
CreateFileW

user32

AttachThreadInput
BlockInput
CallNextHookEx
CharLowerBuffA
CharPrevA
CharToOemBuffA
CharToOemW
CharUpperBuffW
CheckMenuItem
CreateAcceleratorTableW
CreateIcon
DdeAbandonTransaction
DdeAccessData
DdeCreateDataHandle
DdeInitializeW
DdeQueryNextServer
DdeQueryStringA
DefWindowProcW
DestroyAcceleratorTable
DestroyWindow
DlgDirListComboBoxW
DrawFrame
EnableScrollBar
EnableWindow
EndDialog
EndMenu
EnumDesktopsA
EnumDisplayDevicesA
EnumDisplayMonitors
EnumDisplaySettingsExW
ExitWindowsEx
FrameRect
GetAncestor
GetAsyncKeyState
GetClassInfoW
GetClipCursor
GetFocus
GetLastInputInfo
GetMessageTime
GetMonitorInfoW
GetPropA
GetQueueStatus
AdjustWindowRectEx
GetSubMenu
GetSystemMenu
GetTitleBarInfo
GetWindowLongW
GetWindowModuleFileNameW
IMPGetIMEW
IMPQueryIMEA
IMPSetIMEW
ImpersonateDdeClientWindow
InsertMenuA
InsertMenuW
IsCharAlphaW
IsCharUpperA
IsDialogMessage
IsDialogMessageA
IsDialogMessageW
IsIconic
IsWindow
LoadBitmapW
LoadStringW
MapVirtualKeyW
MessageBoxW
MonitorFromWindow
OemToCharW
OffsetRect
OpenWindowStationA
PackDDElParam
PaintDesktop
RealGetWindowClassW
RegisterClipboardFormatW
SendMessageCallbackA
SendMessageCallbackW
SendMessageTimeoutA
SendMessageTimeoutW
SetDebugErrorLevel
SetDlgItemTextW
SetLastErrorEx
SetMenu
SetMenuItemBitmaps
SetMessageExtraInfo
SetTimer
ShowScrollBar
ShowWindow
UpdateWindow
WINNLSEnableIME
wvsprintfA
ActivateKeyboardLayout
GetScrollRange

advapi32

RegOpenKeyExA

ole32

CLIPFORMAT_UserSize
CLSIDFromProgID
CoCreateGuid
CoCreateInstanceEx
CoDosDateTimeToFileTime
CoGetCurrentLogicalThreadId
CoGetCurrentProcess
CoGetObject
CoGetStandardMarshal
CoIsOle1Class
CoLoadLibrary
CoLockObjectExternal
CoRegisterChannelHook
CoRegisterMallocSpy
CoRegisterSurrogateEx
CoReleaseMarshalData
CoResumeClassObjects
CoRevertToSelf
CoRevokeMallocSpy
CoTestCancel
CoTreatAsClass
CreateClassMoniker
CreateDataCache
CreateFileMoniker
CreateGenericComposite
CreateOleAdviseHolder
DcomChannelSetHResult
DllGetClassObjectWOW
DoDragDrop
GetConvertStg
GetHGlobalFromStream
GetHookInterface
HACCEL_UserSize
HACCEL_UserUnmarshal
HBRUSH_UserMarshal
HBRUSH_UserUnmarshal
HDC_UserMarshal
HGLOBAL_UserFree
HGLOBAL_UserUnmarshal
HMENU_UserMarshal
HMENU_UserUnmarshal
HMETAFILEPICT_UserMarshal
HMETAFILEPICT_UserUnmarshal
HMETAFILE_UserFree
HPALETTE_UserUnmarshal
HWND_UserSize
HWND_UserUnmarshal
HkOleRegisterObject
IIDFromString
IsEqualGUID
MkParseDisplayName
OleConvertIStorageToOLESTREAMEx
OleCreateEmbeddingHelper
OleCreateEx
OleCreateFromFile
OleCreateLink
OleCreateLinkFromData
OleCreateLinkFromDataEx
OleDoAutoConvert
OleGetClipboard
OleGetIconOfClass
OleNoteObjectVisible
OleQueryLinkFromData
OleRun
OleSave
OleSetClipboard
OleUninitialize
OpenOrCreateStream
ReadFmtUserTypeStg
RegisterDragDrop
SNB_UserMarshal
STGMEDIUM_UserFree
SetDocumentBitStg
StgCreatePropSetStg
StgGetIFillLockBytesOnFile
StgGetIFillLockBytesOnILockBytes
StgIsStorageILockBytes
StgOpenAsyncDocfileOnIFillLockBytes
StgOpenStorageOnILockBytes
StringFromGUID2
StringFromIID
UtConvertDvtd32toDvtd16
WdtpInterfacePointer_UserMarshal
WriteClassStm
WriteStringStream

Sections

.text
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca862986eb298d5f044ec6efa70b657c

Code Sign

77:4c:30:b8:0c:cb:89:4e:bf:d3:01:63:14:4a:12:5bCertificate

Extended Key Usages

46:5d:d5:d6:f9:3b:8d:28:27:13:52:48:b4:35:8b:43:0e:3b:88:f1Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 173KB - Virtual size: 172KB

.data Size: 512B - Virtual size: 188B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

77:4c:30:b8:0c:cb:89:4e:bf:d3:01:63:14:4a:12:5b
Certificate

46:5d:d5:d6:f9:3b:8d:28:27:13:52:48:b4:35:8b:43:0e:3b:88:f1
Signer

.text
Size: 173KB - Virtual size: 172KB

.data
Size: 512B - Virtual size: 188B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB