64b3bd0f3a1a0b50b0a8857929fb46df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

64b3bd0f3a1a0b50b0a8857929fb46df_JaffaCakes118
Size

140KB
MD5

64b3bd0f3a1a0b50b0a8857929fb46df
SHA1

cccbb40e3420e1b6c762fc300f557091b9e545fd
SHA256

8c95470956d387f600fd36eb8f10d587f985b491f10ea0bca760a65e16861ec4
SHA512

69d8a386c8bb4ee223ca8d393ee1d7cc110b1c395d14bc4b1d626bb2e4518463587ad29b96b097c62dc7b348eb8178791a1dcb656d1b652263be0c20f26cf185
SSDEEP

1536:1WjZUoPweQ5wOmBwCjPONC+uEI8s102bKCX9R/ckNzXI0s+mU3gpE0Fu5+/HnvEe:Poemt3+V4l/dzYl+r3gq+SyMFceWN

Score

1^/10

Malware Config

Signatures

Files

64b3bd0f3a1a0b50b0a8857929fb46df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f0ad3845c361f1901ff6216b8481445d

Code Sign

46:a2:aa:16:98:fa:6d:b9:44:44:e7:d5:f6:2f:17:e6
Certificate

Issuer

CN=vcgP

Not Before

24/05/2012, 05:46

Not After

31/12/2039, 23:59

Subject

CN=vcgP

Extended Key Usages

ExtKeyUsageCodeSigning

9f:b6:05:1c:66:4e:c5:8a:27:d4:4c:75:5e:62:4b:30:7b:b5:8d:f4
Signer

Actual PE Digest

9f:b6:05:1c:66:4e:c5:8a:27:d4:4c:75:5e:62:4b:30:7b:b5:8d:f4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
CreateFileA
GetModuleHandleW
GetProcAddress
GetWindowsDirectoryW
lstrcatW
CreateFileW
OpenMutexA
BuildCommDCBA
OpenJobObjectA
WriteProfileStringA
SetHandleCount
GetDriveTypeA
BeginUpdateResourceW
EnumDateFormatsW
ReadConsoleOutputAttribute
GetExitCodeThread
GetStringTypeW
IsDebuggerPresent
SearchPathW
MoveFileExW
CreateThread
GetDevicePowerState
GetCommState
LoadLibraryA
GetNumberFormatW
HeapDestroy
GetLastError
SetCommState
GetSystemTimeAdjustment
EnumSystemCodePagesW
SetVolumeMountPointW
EnumCalendarInfoA
IsBadStringPtrA
CallNamedPipeA
LoadModule
GetPriorityClass
ContinueDebugEvent
InitializeCriticalSection
GetSystemInfo
GetTimeFormatW
IsValidLanguageGroup
FindResourceExA
GetProcessTimes
FlushConsoleInputBuffer
_lwrite
MultiByteToWideChar
GetFileAttributesExA
GetCalendarInfoW
FlushFileBuffers
GetConsoleAliasA
AddConsoleAliasW
FillConsoleOutputCharacterW
GlobalHandle
LCMapStringA
GetConsoleAliasW
OpenFileMappingW
GetAtomNameW
SetCommTimeouts
SetErrorMode
FindResourceW
GetFileAttributesW
WriteConsoleOutputAttribute
_hread
CreateToolhelp32Snapshot
lstrcpy
BuildCommDCBAndTimeoutsA
LocalFileTimeToFileTime
BackupSeek
ConnectNamedPipe
GetVolumeInformationA
DeleteTimerQueueEx
GetConsoleWindow
WritePrivateProfileStructA
GetStartupInfoW
GetUserDefaultLangID
CancelTimerQueueTimer
CreateRemoteThread
FindFirstFileExW
GlobalFindAtomA
GetSystemDefaultLCID
lstrlen
EnumCalendarInfoW
RtlFillMemory
GetConsoleAliasesLengthA
ReadConsoleOutputCharacterW
GetEnvironmentStringsW
GetPrivateProfileStringW
ChangeTimerQueueTimer
WaitForSingleObject
SignalObjectAndWait
FindFirstFileW
GetFileSize
SetConsoleActiveScreenBuffer
LCMapStringW

user32

LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
SetWindowLongA
SetScrollRange
SetScrollPos
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
GetSysColor
GetDialogBaseUnits
SetRect
MoveWindow
SetFocus
GetWindowLongA
SetWindowTextA
SetClassLongA
InvalidateRect
PostQuitMessage
DefWindowProcA
GetKeyState
CallWindowProcA
SetTimer
GetClipboardFormatNameA
OemToCharW
EnumDisplaySettingsA
WinHelpA
DrawCaption
MonitorFromRect
CharPrevW
EnumPropsW
IsDlgButtonChecked
LoadImageA
EnumDisplayDevicesW
CharNextW
UnhookWindowsHook
CascadeWindows
DdeQueryConvInfo
wsprintfA
SetRectEmpty
SendDlgItemMessageA
MsgWaitForMultipleObjectsEx
RealGetWindowClass
DrawTextW
DdeConnect
DestroyWindow
SubtractRect
GetWindowModuleFileNameW
TranslateAcceleratorW
GetClassInfoW
EndTask
CloseDesktop
BlockInput
FindWindowW
EnableScrollBar
MapWindowPoints
CheckDlgButton
AdjustWindowRectEx
GetThreadDesktop
GetParent
RemovePropA
TabbedTextOutW
UpdateLayeredWindow
AppendMenuW
SendIMEMessageExW
SwitchToThisWindow
BringWindowToTop
DdeEnableCallback
VkKeyScanExW
GetWindowInfo
GetDlgItemTextW
EnumDisplayMonitors
DdeInitializeA
SetMenuItemInfoW
GetForegroundWindow
CreateWindowExW
SendMessageA
GetSystemMetrics
DestroyAcceleratorTable
IMPGetIMEW
GetSubMenu
CloseWindowStation
InsertMenuW
ClipCursor
DrawTextExW
SetDoubleClickTime
GetWindowModuleFileName
GetMenuBarInfo
MenuItemFromPoint
DdeReconnect
OemKeyScan
SetClassWord
DdeAddData
RemovePropW
DialogBoxIndirectParamW
GetWindowWord
CharPrevExA
TrackMouseEvent
GetClipboardViewer
DeferWindowPos
GetMenuStringA
FrameRect
SetSysColors
DdeCmpStringHandles
ToAsciiEx
GetKeyboardType
RegisterWindowMessageA
ScrollWindowEx
NotifyWinEvent
GetGUIThreadInfo
GetWindowRgn
InvalidateRgn

gdi32

CreateSolidBrush
DeleteObject
SetTextColor
SetBkColor
GetStockObject

advapi32

RegCloseKey

shell32

ExtractIconExA
SHGetFileInfoA
DuplicateIcon
SHAppBarMessage
DragQueryFileAorW
SHFormatDrive
SHEmptyRecycleBinW
DoEnvironmentSubstA
SHGetSpecialFolderLocation
SHEmptyRecycleBinA
SHBrowseForFolderW
WOWShellExecute
SHGetDiskFreeSpaceExA
DragQueryFileW
SHGetMalloc
ExtractIconW
SHGetFolderPathA
SHGetPathFromIDList
CommandLineToArgvW
SHPathPrepareForWriteW
Shell_NotifyIconW
SHAddToRecentDocs
SHGetPathFromIDListA
DragFinish
SHGetFileInfo
DragQueryFile
DragQueryPoint
DragQueryFileA
ShellExecuteEx
ExtractIconExW
SHInvokePrinterCommandW
SHFileOperation
ExtractAssociatedIconW
ExtractAssociatedIconExA
CheckEscapesW
SHGetIconOverlayIndexA
ExtractIconA
ExtractAssociatedIconExW
SHBrowseForFolder
SHBindToParent
SHPathPrepareForWriteA
SHCreateDirectoryExW
ExtractAssociatedIconA
ExtractIconEx
ShellAboutA
DragAcceptFiles
DoEnvironmentSubstW
SHInvokePrinterCommandA
SHGetDiskFreeSpaceExW
SHFreeNameMappings
SHGetDataFromIDListA
ShellExecuteExW

shlwapi

StrStrA
StrCmpNIW
StrStrW
StrChrW
StrRStrIW
StrChrIA
StrRStrIA
StrRChrW
StrCmpNW
StrChrA
StrStrIW

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0ad3845c361f1901ff6216b8481445d

Code Sign

46:a2:aa:16:98:fa:6d:b9:44:44:e7:d5:f6:2f:17:e6Certificate

Extended Key Usages

9f:b6:05:1c:66:4e:c5:8a:27:d4:4c:75:5e:62:4b:30:7b:b5:8d:f4Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

Sections

.text Size: 116KB - Virtual size: 115KB

.data Size: 18KB - Virtual size: 18KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

46:a2:aa:16:98:fa:6d:b9:44:44:e7:d5:f6:2f:17:e6
Certificate

9f:b6:05:1c:66:4e:c5:8a:27:d4:4c:75:5e:62:4b:30:7b:b5:8d:f4
Signer

.text
Size: 116KB - Virtual size: 115KB

.data
Size: 18KB - Virtual size: 18KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB