65411a7dddd0a41a3f4553af66f2de76_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

65411a7dddd0a41a3f4553af66f2de76_JaffaCakes118
Size

4.3MB
MD5

65411a7dddd0a41a3f4553af66f2de76
SHA1

cd5321b7f76bcfd552cfa4eb95b2b16e594432c4
SHA256

268b8f092d7e80aeb0592e0c233b66e685d8c0e8c94d7f326e05b1ff33b1814a
SHA512

38d4e2d1ded02863e6461d84a4c1133a5e1a1143f3f3a7e48b811e709df85fd34abc5cd879d8a69b9e7ddb910f71484feeec81be53601256f0df4d8e1696670c
SSDEEP

49152:fB0PRVQFKYzjkGamOZSnA3pOmk4/E/mxmOqJTK4YfOWCE5orcX30TzN1b6n:CPOK+jyZSnAcmf/E/kWpYfOSI1bo

Score

1^/10

Malware Config

Signatures

Files

65411a7dddd0a41a3f4553af66f2de76_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6f9243ae46ab4b97e36118a54b3961e8

Code Sign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

13/04/2019, 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:7a:04:4d:98:75:ab:52:00:31:48:88:c3:9c:54:86:ef
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

27/10/2011, 15:26

Not After

27/10/2013, 15:26

Subject

CN=Tuto4PC.com,O=Tuto4PC.com,L=Paris,ST=Ile-de-france,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d9:44:7f:89:58:b0:d6:52:bd:34:1d:8c:01:1c:7a:9c:bb:17:53:62
Signer

Actual PE Digest

d9:44:7f:89:58:b0:d6:52:bd:34:1d:8c:01:1c:7a:9c:bb:17:53:62

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\dev\sources\VS2010\Agence_v2\Release_pctuto\tutorials.pdb

Imports

iphlpapi

GetAdaptersInfo

kernel32

CreateEventW
InitializeCriticalSectionAndSpinCount
SuspendThread
GetAtomNameW
GetHandleInformation
DuplicateHandle
GetVolumeInformationW
lstrcmpiW
GetModuleFileNameW
GetModuleHandleW
DeactivateActCtx
ActivateActCtx
GetFileSizeEx
GetFileTime
lstrcmpA
lstrlenA
LocalAlloc
SetThreadPriority
ResumeThread
FreeResource
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
CompareStringW
InterlockedDecrement
InterlockedIncrement
FileTimeToSystemTime
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
LoadLibraryExW
GetLocaleInfoW
GetCurrentThread
InterlockedExchange
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
CreateActCtxW
ReleaseActCtx
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
VirtualProtect
GetProfileIntW
GlobalFlags
GetSystemDirectoryW
FindResourceExW
GetWindowsDirectoryW
GetNumberFormatW
GetUserDefaultLCID
SearchPathW
HeapSetInformation
GetStartupInfoW
RtlUnwind
EncodePointer
DecodePointer
RaiseException
HeapValidate
IsBadReadPtr
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
CreateThread
ExitThread
GetModuleFileNameA
ExitProcess
SetStdHandle
GetFileType
VirtualAlloc
VirtualQuery
GetStdHandle
OutputDebugStringA
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
IsProcessorFeaturePresent
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
LCMapStringW
GetStringTypeW
HeapReAlloc
HeapSize
HeapQueryInformation
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetLocaleInfoA
IsValidLocale
EnumSystemLocalesA
SetEnvironmentVariableA
OpenEventA
FileTimeToLocalFileTime
CreateFileMappingA
GetCurrentThreadId
SetEvent
MulDiv
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
SizeofResource
LockResource
LoadResource
FindResourceW
TerminateThread
GlobalGetAtomNameW
WaitForSingleObject
Sleep
MultiByteToWideChar
GetCurrentDirectoryW
CreateDirectoryW
GetTempPathW
DeleteFileW
CopyFileW
TerminateProcess
OpenProcess
Process32NextW
GetCurrentProcessId
CreateToolhelp32Snapshot
GetLastError
CreateMutexW
CloseHandle
Process32FirstW
HeapFree
HeapAlloc
GetProcessHeap
lstrcpyW
lstrlenW
GlobalFree
WriteFile
CreateFileW
WideCharToMultiByte
GetVersionExW
SetLastError
GetCurrentProcess
GetThreadLocale
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesW
VerifyVersionInfoW
VerSetConditionMask
GetProcAddress
LoadLibraryW
GetTickCount
GetCommandLineW
CreateProcessW
DeleteFileA
AreFileApisANSI
GetSystemTime
LocalFree
GetTempPathA
DeleteCriticalSection
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
LoadLibraryA
GetDiskFreeSpaceW
EnterCriticalSection
LockFileEx
FlushFileBuffers
ReadFile
GetFileAttributesA
LeaveCriticalSection
FormatMessageW
InitializeCriticalSection
FormatMessageA
GetSystemTimeAsFileTime
UnlockFileEx
LockFile
UnlockFile
InterlockedCompareExchange
QueryPerformanceCounter
FreeLibrary
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
SetFilePointer
GetFileSize
CreateFileA
GetFullPathNameA
GetFullPathNameW
OutputDebugStringW
GetTempFileNameW

user32

DrawTextW
DrawTextExW
GrayStringW
CreateMenu
CreatePopupMenu
DeleteMenu
CheckMenuItem
EnableMenuItem
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemInfoW
InsertMenuItemW
ModifyMenuW
LoadMenuW
GetWindowThreadProcessId
SetCursor
GetClipboardFormatNameA
GetClipboardFormatNameW
UnpackDDElParam
GetAsyncKeyState
SetRectEmpty
ReleaseCapture
DestroyMenu
RealChildWindowFromPoint
CopyAcceleratorTableW
GetKeyNameTextW
MapVirtualKeyW
LoadAcceleratorsW
TranslateAcceleratorW
ReuseDDElParam
DestroyIcon
LoadImageW
EnumDisplayMonitors
SetLayeredWindowAttributes
MessageBeep
UnregisterClassW
GetIconInfo
CopyImage
DrawIconEx
RegisterClipboardFormatW
DestroyAcceleratorTable
CreateAcceleratorTableW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
SetCursorPos
SetClassLongW
IsCharLowerW
MapVirtualKeyExW
MonitorFromPoint
UpdateLayeredWindow
OffsetRect
WaitMessage
SetClipboardData
CloseClipboard
EmptyClipboard
PtInRect
CopyIcon
IsRectEmpty
CharUpperBuffW
DefFrameProcW
TranslateMDISysAccel
DefMDIChildProcW
IsClipboardFormatAvailable
GetDoubleClickTime
DestroyCursor
SetRect
InflateRect
IntersectRect
UnionRect
SubtractRect
ScrollWindow
GetScrollInfo
SetScrollInfo
WinHelpW
TrackPopupMenu
SetWindowPlacement
GetWindowPlacement
GetClassLongW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
SetMenu
GetMenu
GetMessageTime
GetMessagePos
SetFocus
ShowWindow
SetWindowPos
MoveWindow
SetWindowLongW
GetDlgCtrlID
GetWindowTextLengthW
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
CheckDlgButton
EndDialog
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
IsWindowEnabled
GetSysColorBrush
LoadIconW
DrawFocusRect
PostThreadMessageW
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
GetWindowLongW
EnableWindow
NotifyWinEvent
SetWindowContextHelpId
SetForegroundWindow
HideCaret
OpenClipboard
WindowFromPoint
SetParent
GetParent
IsChild
GetLastActivePopup
GetWindow
GetTopWindow
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
GetFocus
SetCapture
GetCapture
SetActiveWindow
GetActiveWindow
KillTimer
SetTimer
EnableScrollBar
RedrawWindow
LockWindowUpdate
ShowOwnedPopups
InvalidateRgn
InvalidateRect
GetUpdateRect
UpdateWindow
GetWindowDC
EndPaint
BeginPaint
ScreenToClient
ClientToScreen
MapWindowPoints
GetClientRect
BringWindowToTop
GetWindowRgn
SetWindowRgn
IsZoomed
IsIconic
GetSystemMenu
DrawMenuBar
GetDesktopWindow
CharUpperW
TabbedTextOutW
PostMessageW
SendMessageW
MapDialogRect
PostQuitMessage
GetKeyState
CallNextHookEx
PeekMessageW
GetCursorPos
SetWindowsHookExW
ValidateRect
GetMessageW
TranslateMessage
DispatchMessageW
RemoveMenu
IsMenu
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuStringW
AppendMenuW
InsertMenuW
GetMenuItemID
CharNextW
GetMenuCheckMarkDimensions
LoadBitmapW
SetMenuItemBitmaps
FindWindowW
SystemParametersInfoW
ReleaseDC
GetDC
GetWindowRect
GetSystemMetrics
IsWindow
GetClassNameA
GetLastInputInfo
WaitForInputIdle
GetForegroundWindow
IsWindowVisible
SendMessageTimeoutW
EnumChildWindows
GetClassNameW
EnumWindows
GetWindowTextW
GetWindowInfo
RegisterWindowMessageW
MessageBoxW
CreateWindowExW
GetClassInfoExW
DrawFrameControl
DrawEdge
DrawStateW
DrawIcon
InvertRect
FrameRect
FillRect
LoadCursorW
GetClassInfoW
RegisterClassW
SendDlgItemMessageA
MonitorFromWindow
GetMonitorInfoW
GetSysColor
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos

gdi32

CreatePolygonRgn
CreateRoundRectRgn
SetRectRgn
CombineRgn
OffsetRgn
GetRgnBox
PtInRegion
CreateCompatibleDC
SelectObject
RealizePalette
GetBkColor
GetTextColor
GetMapMode
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
PtVisible
RectVisible
Polyline
Ellipse
Rectangle
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
ExtFloodFill
TextOutW
GetTextExtentPoint32W
GetTextFaceW
GetTextMetricsW
GetDeviceCaps
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
GetNearestPaletteIndex
SetPaletteEntries
GetPaletteEntries
CreatePalette
CreateCompatibleBitmap
CopyMetaFileW
CreateFontIndirectW
CreatePatternBrush
Escape
GetBoundsRect
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
GetStockObject
CreateBitmap
GetObjectW
SetBkColor
SetPixelV
SetTextColor
ExtTextOutW
CreateDCW
Polygon
SetDIBColorTable
CreateDIBSection
GetSystemPaletteEntries
EnumFontFamiliesExW
CreateDIBitmap
GetTextCharsetInfo
EnumFontFamiliesW
ExtSelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
RestoreDC
SaveDC
DeleteDC

advapi32

RegDeleteKeyW
RegCloseKey
RegDeleteValueW
RegQueryValueW
RegEnumKeyW
RegEnumValueW
SetThreadToken
RevertToSelf
OpenThreadToken
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
FreeSid
IsTextUnicode
GetUserNameW
LookupPrivilegeValueW
RegQueryInfoKeyW
OpenProcessToken
GetTokenInformation
EqualSid
RegEnumKeyExW
AllocateAndInitializeSid

shell32

SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHAppBarMessage
SHGetFolderPathW
ShellExecuteW
SHGetSpecialFolderPathW
DragQueryFileW
DragFinish
SHBrowseForFolderW
SHGetFileInfoW

ole32

OleFlushClipboard
DoDragDrop
OleCreateMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleIsCurrentClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
CoRegisterMessageFilter
CreateStreamOnHGlobal
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CoCreateInstance
CoUninitialize
CoCreateGuid
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
StringFromGUID2
ReleaseStgMedium
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
OleDuplicateData
OleDestroyMenuDescriptor

msimg32

TransparentBlt
AlphaBlend

comctl32

ImageList_GetIconSize
InitCommonControlsEx

shlwapi

PathFindFileNameW
PathFindExtensionW
UrlUnescapeW
PathStripToRootW
PathIsUNCW
PathAppendW
PathFileExistsW
PathRemoveFileSpecW

oledlg

OleUIBusyW

wininet

InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetGetLastResponseInfoW
InternetOpenW
InternetConnectW
HttpOpenRequestW
InternetCloseHandle
HttpSendRequestW
HttpQueryInfoW
InternetReadFile
HttpAddRequestHeadersW

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

gdiplus

GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipDrawImageRectI
GdipGetImagePixelFormat
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusShutdown
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImageWidth
GdipFree
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipSetInterpolationMode
GdipGetImagePaletteSize
GdipGetImagePalette

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

comdlg32

GetFileTitleW

oleaut32

SafeArrayDestroy
SysStringLen
VariantCopy
VarBstrFromDate
SysAllocString
OleCreateFontIndirect
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysFreeString
VariantTimeToSystemTime
SystemTimeToVariantTime

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 585KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 306KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 270KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f9243ae46ab4b97e36118a54b3961e8

Code Sign

04:00:00:00:00:01:2f:4e:e1:35:5cCertificate

Extended Key Usages

Key Usages

11:21:7a:04:4d:98:75:ab:52:00:31:48:88:c3:9c:54:86:efCertificate

Extended Key Usages

Key Usages

d9:44:7f:89:58:b0:d6:52:bd:34:1d:8c:01:1c:7a:9c:bb:17:53:62Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

iphlpapi

kernel32

user32

gdi32

advapi32

shell32

ole32

msimg32

comctl32

shlwapi

oledlg

wininet

oleacc

gdiplus

imm32

winmm

winspool.drv

comdlg32

oleaut32

Sections

.text Size: 3.1MB - Virtual size: 3.1MB

.rdata Size: 585KB - Virtual size: 584KB

.data Size: 43KB - Virtual size: 76KB

.rsrc Size: 306KB - Virtual size: 306KB

.reloc Size: 270KB - Virtual size: 270KB

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

11:21:7a:04:4d:98:75:ab:52:00:31:48:88:c3:9c:54:86:ef
Certificate

d9:44:7f:89:58:b0:d6:52:bd:34:1d:8c:01:1c:7a:9c:bb:17:53:62
Signer

.text
Size: 3.1MB - Virtual size: 3.1MB

.rdata
Size: 585KB - Virtual size: 584KB

.data
Size: 43KB - Virtual size: 76KB

.rsrc
Size: 306KB - Virtual size: 306KB

.reloc
Size: 270KB - Virtual size: 270KB