605e510079a97c76fb6923183d16589c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

605e510079a97c76fb6923183d16589c_JaffaCakes118
Size

58KB
MD5

605e510079a97c76fb6923183d16589c
SHA1

e3bda6420cf761a8e45bc02a38de022f4f179f57
SHA256

bbb7109c5426b1e62357f7d11b519207d24b87c1d26c0e71bc4dc40a2f2d1630
SHA512

4bcbd44c75784ada5713d995bff56583362292a4eecc1821e3797ccf3dd82e1d6b67b3289184cc0c96808d85bb933883d1107ff3feec7e937bb424bf291d63aa
SSDEEP

768:ki6aw3i+9FPokTviMec1gp3nEPmRPy9EmaUSfassO+wcSDPnGMEa4:9x+9FHiH3nBPy9YfIGDvlEP

Score

1^/10

Malware Config

Signatures

Files

605e510079a97c76fb6923183d16589c_JaffaCakes118
.dll windows:5 windows x86 arch:x86

7f09f9202d16ddfe68be0e6173bde1cb

Code Sign

1c:5d:b1:fb:aa:e3:22:46:b3:6a:5c:fb:d0:e6:bd:90
Certificate

Issuer

CN=t236tqga

Not Before

08-02-2012 05:47

Not After

31-12-2039 23:59

Subject

CN=t236tqga

Extended Key Usages

ExtKeyUsageCodeSigning

b9:b7:b1:0d:25:05:e1:ef:3b:8a:a7:fe:4e:b0:f7:c3:95:03:c7:ea
Signer

Actual PE Digest

b9:b7:b1:0d:25:05:e1:ef:3b:8a:a7:fe:4e:b0:f7:c3:95:03:c7:ea

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatW
GetWindowsDirectoryW
LoadLibraryA
GetProcAddress
GetSystemInfo
VirtualAlloc
CreateFileW

user32

GetClientRect
GetClipCursor
GetClipboardFormatNameW
GetClipboardSequenceNumber
GetClipboardViewer
GetDC
GetDesktopWindow
GetInputDesktop
GetKBCodePage
GetKeyState
GetKeyboardState
GetLastActivePopup
GetLastInputInfo
GetMenu
GetMenuCheckMarkDimensions
GetMenuInfo
GetMenuItemCount
GetMenuItemRect
GetMenuState
GetMessageExtraInfo
GetOpenClipboardWindow
GetProcessWindowStation
GetQueueStatus
GetSubMenu
GetSysColor
GetTabbedTextExtentW
GetUserObjectInformationA
GetUserObjectInformationW
GetWindowContextHelpId
GetWindowInfo
GetWindowModuleFileName
GetWindowModuleFileNameA
GetWindowModuleFileNameW
GetWindowTextA
HideCaret
IMPQueryIMEW
IMPSetIMEA
ImpersonateDdeClientWindow
InsertMenuA
InvalidateRect
IsCharAlphaNumericA
IsCharAlphaW
IsCharLowerA
IsChild
IsClipboardFormatAvailable
IsDialogMessageA
IsDlgButtonChecked
IsWindowUnicode
IsZoomed
LoadCursorA
LoadCursorFromFileA
LoadImageA
LoadKeyboardLayoutW
LoadMenuIndirectW
LoadMenuW
LoadStringW
LockSetForegroundWindow
LockWindowUpdate
LookupIconIdFromDirectory
MapVirtualKeyExA
MapVirtualKeyW
MessageBeep
MessageBoxA
MessageBoxExW
MessageBoxIndirectA
MessageBoxIndirectW
ModifyMenuA
ModifyMenuW
MoveWindow
MsgWaitForMultipleObjects
GetClassLongW
OpenIcon
OpenWindowStationA
OpenWindowStationW
PeekMessageA
PostThreadMessageA
PostThreadMessageW
PtInRect
RealGetWindowClass
RegisterClassExA
RegisterClassW
RegisterClipboardFormatA
RegisterHotKey
RegisterWindowMessageA
RemovePropA
ReplyMessage
ScreenToClient
ScrollDC
SendDlgItemMessageA
SendDlgItemMessageW
SendIMEMessageExW
SendInput
SendMessageA
SendMessageTimeoutA
SendMessageTimeoutW
SendMessageW
SendNotifyMessageA
SendNotifyMessageW
SetActiveWindow
SetCaretBlinkTime
SetCaretPos
SetClipboardViewer
SetCursor
SetDlgItemInt
SetDlgItemTextA
SetDoubleClickTime
SetFocus
SetMenuContextHelpId
SetMenuDefaultItem
SetMenuItemInfoA
SetPropA
SetRect
SetScrollPos
SetSysColors
SetTimer
SetUserObjectInformationW
SetWindowPos
SetWindowsHookA
SetWindowsHookExA
ShowCaret
ShowCursor
ShowScrollBar
SwitchDesktop
TabbedTextOutA
ToAscii
ToUnicode
ToUnicodeEx
TrackMouseEvent
TranslateAccelerator
TranslateAcceleratorA
TranslateAcceleratorW
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHook
UnhookWindowsHookEx
UnionRect
UnloadKeyboardLayout
UnpackDDElParam
UnregisterDeviceNotification
UpdateLayeredWindow
UpdateWindow
VkKeyScanExA
VkKeyScanExW
WINNLSGetEnableStatus
WinHelpW
keybd_event
wsprintfA
wvsprintfA
GetClassLongA
GetAsyncKeyState
GetAncestor
GetAltTabInfoA
GetActiveWindow
FrameRect
FlashWindowEx
FindWindowExW
EnumWindows
EnumWindowStationsW
EnumWindowStationsA
EnumThreadWindows
EnumPropsExA
EnumPropsA
EnumDisplaySettingsW
EnumDisplaySettingsExW
EnumDisplayDevicesW
EnumDesktopsW
EnumDesktopsA
EnumClipboardFormats
EnumChildWindows
EndPaint
EndDialog
EndDeferWindowPos
EnableMenuItem
EditWndProc
DrawTextExW
DrawIconEx
DrawIcon
DrawFrame
DrawFocusRect
DrawEdge
DrawAnimatedRects
DlgDirListA
DestroyMenu
DestroyIcon
DestroyAcceleratorTable
DeregisterShellHookWindow
DefMDIChildProcW
DefFrameProcW
DefDlgProcW
DdeUninitialize
DdeSetUserHandle
DdeReconnect
DdeQueryStringW
DdeQueryStringA
DdeQueryNextServer
DdeQueryConvInfo
DdeInitializeW
DdeFreeStringHandle
DdeDisconnectList
DdeDisconnect
DdeCreateStringHandleW
DdeCreateStringHandleA
DdeCreateDataHandle
DdeConnectList
DdeClientTransaction
DdeAddData
DdeAccessData
CreateWindowStationW
CreateWindowExW
CreateMenu
CreateMDIWindowA
CreateIconIndirect
CreateIcon
CreateDialogIndirectParamW
CreateCursor
CountClipboardFormats
CopyAcceleratorTableW
ClientToScreen
CheckRadioButton
CheckMenuRadioItem
CheckDlgButton
CharToOemW
CharToOemBuffW
CharLowerBuffW
ChangeDisplaySettingsA
CallWindowProcW
CallWindowProcA
CallNextHookEx
CallMsgFilterW
BroadcastSystemMessage
BlockInput
BeginPaint
AppendMenuW
AnyPopup
ActivateKeyboardLayout
OemToCharA

shell32

Shell_NotifyIconW
Shell_NotifyIconA
Shell_NotifyIcon
ShellHookProc
ShellExecuteExW
ShellExecuteEx
ShellAboutW
ShellAboutA
SHQueryRecycleBinA
SHPathPrepareForWriteW
SHPathPrepareForWriteA
SHLoadNonloadedIconOverlayIdentifiers
SHLoadInProc
SHIsFileAvailableOffline
SHInvokePrinterCommandW
CheckEscapesW
CommandLineToArgvW
DoEnvironmentSubstA
DoEnvironmentSubstW
DragAcceptFiles
DragFinish
DragQueryFile
DragQueryFileA
DragQueryFileAorW
DragQueryFileW
DragQueryPoint
DuplicateIcon
ExtractAssociatedIconA
ExtractAssociatedIconExA
ExtractAssociatedIconExW
ExtractAssociatedIconW
ExtractIconA
ExtractIconEx
ExtractIconExA
ExtractIconExW
ExtractIconW
FindExecutableA
FindExecutableW
SHAddToRecentDocs
SHBindToParent
SHBrowseForFolder
SHBrowseForFolderA
SHBrowseForFolderW
SHChangeNotify
SHCreateDirectoryExA
SHCreateDirectoryExW
SHCreateProcessAsUserW
SHEmptyRecycleBinW
SHFileOperation
SHFileOperationW
SHFormatDrive
SHFreeNameMappings
SHGetDataFromIDListA
SHGetDiskFreeSpaceA
SHGetDiskFreeSpaceExA
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFileInfoA
SHGetFolderPathA
SHGetFolderPathW
SHGetIconOverlayIndexW
SHGetInstanceExplorer
SHGetPathFromIDList
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSettings
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
SHInvokePrinterCommandA
WOWShellExecute

shlwapi

StrChrIA
StrChrIW
StrChrW
StrCmpNA
StrCmpNIA
StrCmpNIW
StrCmpNW
StrRChrIA
StrRChrW
StrRStrIA
StrRStrIW
StrStrA
StrStrIW
StrStrW
StrChrA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text4
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f09f9202d16ddfe68be0e6173bde1cb

Code Sign

1c:5d:b1:fb:aa:e3:22:46:b3:6a:5c:fb:d0:e6:bd:90Certificate

Extended Key Usages

b9:b7:b1:0d:25:05:e1:ef:3b:8a:a7:fe:4e:b0:f7:c3:95:03:c7:eaSigner

Headers

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

Sections

.text Size: 12KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 520B

.text4 Size: 20KB - Virtual size: 19KB

.text3 Size: 2KB - Virtual size: 1KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 2KB - Virtual size: 2KB

1c:5d:b1:fb:aa:e3:22:46:b3:6a:5c:fb:d0:e6:bd:90
Certificate

b9:b7:b1:0d:25:05:e1:ef:3b:8a:a7:fe:4e:b0:f7:c3:95:03:c7:ea
Signer

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 520B

.text4
Size: 20KB - Virtual size: 19KB

.text3
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 2KB - Virtual size: 2KB