63654b7479e89c5a693073b8ee313572_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

63654b7479e89c5a693073b8ee313572_JaffaCakes118
Size

68KB
MD5

63654b7479e89c5a693073b8ee313572
SHA1

ccaf787a9f1fb604013ed25aa1572b88480de361
SHA256

00aa3b9b87549aeaec1811b927fb308c04d0c572e194af1db10875890e339adf
SHA512

5134f13fa1809996b44b3db2b4827cebeb138600fae4fe9d69d05bd513da8bc5570ca4d32d20c19b7ec62685ddfc33a15fd864d26e3afeb8ff2bbc1a17e68eae
SSDEEP

1536:nmGRpIDEXi+GV1P7o3mkMCxXY05ux0VR/g9qX:nhsEuU3mjC5YPxWR/N

Score

1^/10

Malware Config

Signatures

Files

63654b7479e89c5a693073b8ee313572_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ff5db779051c57661a5da085239ce27

Code Sign

5a:9e:b3:65:ce:d2:dc:4a:b8:18:06:e0:1b:eb:e0:a1
Certificate

Issuer

CN=UD48SN2pZFYF

Not Before

13/03/2012, 06:18

Not After

31/12/2039, 23:59

Subject

CN=UD48SN2pZFYF

Extended Key Usages

ExtKeyUsageCodeSigning

65:3c:56:80:0d:69:e4:18:fc:76:37:3b:74:7f:c3:ec:b6:1a:04:aa
Signer

Actual PE Digest

65:3c:56:80:0d:69:e4:18:fc:76:37:3b:74:7f:c3:ec:b6:1a:04:aa

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
GetComputerNameA

user32

GetSysColorBrush
EndDeferWindowPos
CallWindowProcW
ActivateKeyboardLayout
DrawTextExA
ShowCaret
GetMenuCheckMarkDimensions
ScreenToClient
LoadMenuIndirectW
OemKeyScan
CheckMenuItem
DdeGetData
DdeKeepStringHandle
TrackPopupMenu
CascadeWindows
SetWindowTextW
GetKeyboardState
EndDialog
LoadCursorA
GetSystemMetrics
PostQuitMessage
DrawTextW
DdeQueryNextServer
ModifyMenuA
GetIconInfo
DdeUnaccessData
GetScrollRange
IsCharUpperW
ValidateRgn
DestroyWindow
GrayStringW
DestroyCursor
CharPrevW
ChangeDisplaySettingsExW
ReuseDDElParam
FindWindowA
RegisterHotKey
SetActiveWindow
GetCaretPos
ChildWindowFromPointEx
SetSystemCursor
IMPSetIMEW
SetUserObjectSecurity
ScrollWindowEx
ToAsciiEx
DefDlgProcA
SwapMouseButton
OemToCharA
GetWindowTextLengthA
SetProcessDefaultLayout
LookupIconIdFromDirectoryEx
SetDebugErrorLevel
IsWindowEnabled
SetRectEmpty
GetClipboardFormatNameA
CreateDialogParamA
GetDlgItemTextW
FlashWindow
MonitorFromRect
DlgDirSelectExA
GetWindow
IsClipboardFormatAvailable
DrawIcon
LoadStringA
SendMessageTimeoutA
CreateIconFromResourceEx
CreateIcon
RegisterClassExW
MessageBoxExW
CopyAcceleratorTableW
SetUserObjectInformationA
DeferWindowPos
CloseClipboard
IsRectEmpty
CreateWindowStationW
WINNLSEnableIME
DestroyIcon
ShowWindow
MessageBoxA
EnumWindowStationsW
OemToCharW
ModifyMenuW
GetKBCodePage
GetUserObjectInformationA
GetMenu
FindWindowExA
DlgDirListW
GrayStringA
InvertRect
SetPropW
BeginDeferWindowPos
LoadIconA

advapi32

RegOpenKeyExA
RegQueryValueExA

shlwapi

PathFindSuffixArrayW
PathIsRootA
SHRegGetUSValueA
PathIsURLA
SHQueryInfoKeyA
SHRegDeleteUSValueA
StrCpyNW
wvnsprintfW
StrCmpNA
PathRemoveFileSpecA
SHRegEnumUSKeyA
UrlIsNoHistoryW
AssocQueryKeyA
PathGetCharTypeW
StrStrIW
PathIsURLW
SHStrDupA
SHRegSetUSValueA
PathIsUNCServerShareW
SHDeleteKeyA
UrlIsOpaqueW
StrCSpnA
PathCompactPathExW
PathIsUNCA
SHCreateShellPalette
SHGetThreadRef
PathFileExistsA
SHDeleteKeyW
StrFormatKBSizeW
PathUnExpandEnvStringsW
SHGetInverseCMAP
StrTrimA
PathIsDirectoryW
PathUnquoteSpacesW
wnsprintfA
SHCreateStreamOnFileA
StrNCatW
StrCmpNIW
SHSetValueA
PathStripToRootW
ColorHLSToRGB
AssocQueryStringByKeyA
PathCanonicalizeW
SHEnumKeyExW
StrRChrW
PathIsRootW
PathCompactPathA
SHRegQueryUSValueA
SHRegQueryInfoUSKeyW
StrChrIW
PathFindFileNameW
SHRegGetBoolUSValueW
PathIsContentTypeA
SHRegDeleteEmptyUSKeyW
SHOpenRegStreamA
PathCombineW
PathCompactPathExA
PathStripPathA
PathUnquoteSpacesA
StrStrW
PathRelativePathToW
PathIsDirectoryA
StrCmpW
PathIsSystemFolderW
PathIsRelativeW
StrToIntA
UrlCombineA
StrPBrkW
StrFromTimeIntervalW
PathParseIconLocationA
PathUndecorateW
StrCpyW
UrlCompareW
PathIsUNCServerShareA
ord16
AssocQueryStringByKeyW
SHQueryValueExW
PathIsSameRootW
StrRStrIW
SHStrDupW
SHRegSetPathW
StrRChrIW
SHRegOpenUSKeyW
PathRemoveBackslashA
UrlCanonicalizeA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.d2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d1
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ff5db779051c57661a5da085239ce27

Code Sign

5a:9e:b3:65:ce:d2:dc:4a:b8:18:06:e0:1b:eb:e0:a1Certificate

Extended Key Usages

65:3c:56:80:0d:69:e4:18:fc:76:37:3b:74:7f:c3:ec:b6:1a:04:aaSigner

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 3KB - Virtual size: 3KB

.d2 Size: 1024B - Virtual size: 1000B

.d1 Size: 40KB - Virtual size: 40KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 1024B - Virtual size: 904B

5a:9e:b3:65:ce:d2:dc:4a:b8:18:06:e0:1b:eb:e0:a1
Certificate

65:3c:56:80:0d:69:e4:18:fc:76:37:3b:74:7f:c3:ec:b6:1a:04:aa
Signer

.text
Size: 3KB - Virtual size: 3KB

.d2
Size: 1024B - Virtual size: 1000B

.d1
Size: 40KB - Virtual size: 40KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 1024B - Virtual size: 904B