5ea0f2990dd29adef319b764d44574e4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5ea0f2990dd29adef319b764d44574e4_JaffaCakes118
Size

324KB
MD5

5ea0f2990dd29adef319b764d44574e4
SHA1

39ad60a5fca82e5c36af736fc00bd13c2c3e22be
SHA256

b728fe9ea4bd2f8c3e31ccdc207bd084876e73ebeeffc9df1ec121519f293ac6
SHA512

f19cc7058d1cf149429993bd771a5c40f18d3fdc91374b577cc64cf50c09627a65abbdd91f4a6d505338b2070f58ea1d40d56506df3305b7022beb7f08d57e0b
SSDEEP

6144:KzCqAd3SyIRffHNx8f0Bhf7KucffAUy/tCu0pnWC:wxycftx8siuLb9C

Score

1^/10

Malware Config

Signatures

Files

5ea0f2990dd29adef319b764d44574e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56c27d4dc1b6be3ee1482e5aeebfaac7

Code Sign

75:94:49:e1:66:f5:9f:8c:4c:3e:3b:82:27:cc:5a:11
Certificate

Issuer

CN=253322

Not Before

05/02/2012, 19:33

Not After

31/12/2039, 23:59

Subject

CN=253322

Extended Key Usages

ExtKeyUsageCodeSigning

8c:23:2a:b1:1f:65:e0:22:f8:2e:b3:81:5a:07:9a:6e:df:62:dc:03
Signer

Actual PE Digest

8c:23:2a:b1:1f:65:e0:22:f8:2e:b3:81:5a:07:9a:6e:df:62:dc:03

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
VirtualAlloc
LockResource
CloseHandle
SetVolumeMountPointW
DefineDosDeviceA
FindVolumeMountPointClose
ReadConsoleOutputCharacterW
MoveFileA
LeaveCriticalSection
GetThreadContext
BackupWrite
lstrcmp
IsBadWritePtr
EnumUILanguagesA
_hread
DebugBreak
CreateConsoleScreenBuffer
SetCommMask
GetTimeFormatW
WritePrivateProfileStringW
LoadLibraryExW
TransactNamedPipe
SetVolumeLabelW
GlobalFindAtomW
GetCurrentThread
GetConsoleAliasesLengthW
EnumResourceNamesA
WritePrivateProfileSectionA
VirtualProtect
GetCPInfoExA
FindFirstVolumeA
Module32FirstW
FlushFileBuffers
GetDiskFreeSpaceA
FreeConsole
MapUserPhysicalPages
GetProfileSectionW
SetHandleInformation
SetCriticalSectionSpinCount
OpenWaitableTimerW
SetThreadIdealProcessor
GlobalMemoryStatusEx
FormatMessageW
OpenEventA
GetThreadPriorityBoost
GetSystemDefaultLCID
GetVolumePathNameW
SetThreadExecutionState
SearchPathA
ReplaceFileW
CreateDirectoryW
GetConsoleAliasesLengthA
OpenThread
DosDateTimeToFileTime
GetEnvironmentStrings
GetCurrentProcess
GetProfileIntA
SetProcessWorkingSetSize
GetProfileIntW
WaitNamedPipeW
WriteFile
GetVolumeInformationW
FindFirstVolumeMountPointW
SetConsoleMode
_lclose
GetTapePosition
ContinueDebugEvent
GetSystemInfo
CreateFileMappingA
GetOEMCP
GetCurrentDirectoryW
EnumResourceLanguagesW
GetDriveTypeW
SetEvent
PeekConsoleInputW
_lread
SetPriorityClass
TlsGetValue
_llseek
FindNextChangeNotification
GetProfileStringW
SetLocaleInfoA
GetCommConfig
Heap32Next
DeleteAtom
MoveFileExW
LocalHandle
SetProcessPriorityBoost
UnregisterWaitEx
VerLanguageNameA
Sleep
FindResourceW
GetFileTime
Heap32First
GetFileAttributesExW
BackupRead

user32

SetLastErrorEx
GetClassLongA
DrawEdge
EnumDisplaySettingsA
CharLowerBuffW
GetClassWord
GetClientRect
CharPrevExA
SetParent
GetMenuStringW
GetShellWindow
CharUpperBuffW
WindowFromPoint
GetUserObjectInformationA
SetShellWindow
GetGuiResources
GetClipboardSequenceNumber
ActivateKeyboardLayout
SetWindowContextHelpId
EnableScrollBar
GetIconInfo
EnumPropsExW
GetMenuItemCount
SetMessageQueue
RegisterWindowMessageA
GetTabbedTextExtentW
SetDeskWallpaper
SetClassLongA
RemoveMenu
GetMenuCheckMarkDimensions
GetClipboardFormatNameA
GetMenuItemInfoA
SetThreadDesktop
EndMenu
InvalidateRgn
ScrollWindow
LoadMenuIndirectA
CascadeChildWindows
GetWindowDC
IsWindowUnicode
LoadIconA
EnableMenuItem
GetMessageW
TrackPopupMenu
IsRectEmpty
EnumDisplaySettingsExW
SendMessageW
ShowWindowAsync
GetDlgItemTextW
CreateDialogParamW
SetCursor
CreateDialogIndirectParamA
VkKeyScanA
PaintDesktop
GetMonitorInfoA
SwitchToThisWindow
AppendMenuW
IsCharAlphaNumericA
DdeImpersonateClient
SetWindowTextA
EnumWindows
PostThreadMessageA
ImpersonateDdeClientWindow
SetFocus
IsIconic
UnhookWindowsHook
ModifyMenuA
DefFrameProcA
DdeUnaccessData
MonitorFromRect
ArrangeIconicWindows
GetClassNameW
GetWindowLongW
ExitWindowsEx
SetDebugErrorLevel
UnregisterDeviceNotification
EndPaint
OemToCharBuffA
SetTimer
SendMessageCallbackA
DdeQueryConvInfo
SendNotifyMessageW
GetGUIThreadInfo
DdeFreeDataHandle
RegisterWindowMessageW
CallMsgFilterW
GetThreadDesktop
GetAltTabInfoA
DestroyCursor
GetMenuStringA
IsWindowVisible

advapi32

RegOpenKeyExW

ole32

OleCreate
CoIsHandlerConnected
UtGetDvtd32Info
CoDosDateTimeToFileTime
HACCEL_UserUnmarshal
OleLoad
CoCopyProxy
CoGetCallerTID
WriteOleStg
OleTranslateAccelerator
HBITMAP_UserMarshal
HICON_UserUnmarshal
DcomChannelSetHResult
OleLoadFromStream
RevokeDragDrop
HGLOBAL_UserMarshal
GetRunningObjectTable
CoBuildVersion
FmtIdToPropStgName
CoDisableCallCancellation
CoRegisterMessageFilter
DllGetClassObjectWOW
OleCreateFromData
CreateItemMoniker
OleBuildVersion
HWND_UserMarshal
CoReactivateObject
OleNoteObjectVisible
CLIPFORMAT_UserSize
OleConvertIStorageToOLESTREAMEx
StgGetIFillLockBytesOnILockBytes
UpdateDCOMSettings
OleIsRunning
CLSIDFromProgID
ProgIDFromCLSID
HBRUSH_UserMarshal
WriteStringStream
StgCreateDocfile
CoGetApartmentID
UtConvertDvtd16toDvtd32
CoCancelCall
StgCreatePropStg
CoTestCancel
OpenOrCreateStream
ReadStringStream
OleCreateDefaultHandler
HPALETTE_UserMarshal
CoRegisterPSClsid
SNB_UserMarshal
GetHGlobalFromILockBytes
CoLoadLibrary
CoInitializeSecurity
HMETAFILEPICT_UserMarshal
CLIPFORMAT_UserFree
CLIPFORMAT_UserUnmarshal
CoDisconnectObject
CoGetMalloc
CoRevokeMallocSpy
CoReleaseServerProcess
HGLOBAL_UserFree
OleIsCurrentClipboard
CoIsOle1Class
StgCreateDocfileOnILockBytes
CoImpersonateClient
OleConvertOLESTREAMToIStorageEx
OleCreateLink
CLSIDFromString
CoGetStdMarshalEx
HICON_UserMarshal
OleGetIconOfFile
OleSetContainedObject
CoFileTimeNow
CoGetInterfaceAndReleaseStream
CoQueryAuthenticationServices
STGMEDIUM_UserMarshal
StgGetIFillLockBytesOnFile
HBRUSH_UserUnmarshal
HICON_UserSize
CoQueryReleaseObject
CreateStreamOnHGlobal
GetClassFile
CreateFileMoniker
OleCreateLinkToFile
UtGetDvtd16Info
CoFreeUnusedLibraries
CoUnloadingWOW
CoReleaseMarshalData
StringFromIID

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textg
Size: 304KB - Virtual size: 303KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text0
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56c27d4dc1b6be3ee1482e5aeebfaac7

Code Sign

75:94:49:e1:66:f5:9f:8c:4c:3e:3b:82:27:cc:5a:11Certificate

Extended Key Usages

8c:23:2a:b1:1f:65:e0:22:f8:2e:b3:81:5a:07:9a:6e:df:62:dc:03Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 3KB - Virtual size: 3KB

.textg Size: 304KB - Virtual size: 303KB

.text0 Size: 1KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

75:94:49:e1:66:f5:9f:8c:4c:3e:3b:82:27:cc:5a:11
Certificate

8c:23:2a:b1:1f:65:e0:22:f8:2e:b3:81:5a:07:9a:6e:df:62:dc:03
Signer

.text
Size: 3KB - Virtual size: 3KB

.textg
Size: 304KB - Virtual size: 303KB

.text0
Size: 1KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB