70fa71cb90d31764a446a23eead580e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

70fa71cb90d31764a446a23eead580e6_JaffaCakes118
Size

201KB
MD5

70fa71cb90d31764a446a23eead580e6
SHA1

f06cffdec73a6a153402c2819bfcdb64db34e813
SHA256

40419fcbb79998853c7ef417e6ee8f46664da2ba8e899043446811d586688d8c
SHA512

add13806f1c52180d1da50d3b038539c54de511a9996970f62a2bba6bb3971e16c5fe43b862acc59edcc97668763222f04b3eeb83ca0636056287082a9ed45dd
SSDEEP

6144:7J49WtaizXo50zaIHatvoW3U6YNN0FoJk6i:bhzXu0WIHadoW3zYNN2oJ8

Score

1^/10

Malware Config

Signatures

Files

70fa71cb90d31764a446a23eead580e6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

db6a3a3ec582c42ff00c826240cf509f

Code Sign

6f:d3:14:21:fd:4c:bd:77:b1:80:da:40:55:e1:f4:75
Certificate

Issuer

CN=etyy inc

Not Before

22/01/2012, 08:05

Not After

31/12/2039, 23:59

Subject

CN=etyy inc

Extended Key Usages

ExtKeyUsageCodeSigning

44:b8:bb:81:72:1f:4e:7c:0b:f4:13:6a:a2:ea:5e:4d:ee:b3:dc:db
Signer

Actual PE Digest

44:b8:bb:81:72:1f:4e:7c:0b:f4:13:6a:a2:ea:5e:4d:ee:b3:dc:db

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
lstrcatW
GetWindowsDirectoryW
LoadLibraryA
GetProcessHeap
LoadLibraryW
GetProcAddress
GetSystemInfo
AddAtomW
BackupSeek
CancelWaitableTimer
CompareStringW
CopyFileExW
CreateDirectoryExA
CreateFileA
CreateHardLinkW
CreateNamedPipeA
CreatePipe
DebugBreak
DefineDosDeviceA
DeleteFileA
DnsHostnameToComputerNameW
EnumCalendarInfoA
EnumResourceLanguagesA
FileTimeToDosDateTime
FillConsoleOutputCharacterW
FindFirstChangeNotificationW
FindFirstFileExW
FindNextChangeNotification
FindNextVolumeA
FindVolumeMountPointClose
FlushConsoleInputBuffer
GetCPInfoExW
GetCommProperties
GetCommandLineA
GetCompressedFileSizeA
GetConsoleAliasW
GetConsoleAliasesA
GetConsoleCP
GetConsoleDisplayMode
GetConsoleTitleW
GetCurrencyFormatA
GetCurrentProcess
GetCurrentThread
GetDiskFreeSpaceW
GetFileSizeEx
GetFullPathNameA
GetLocaleInfoW
GetLogicalDriveStringsA
GetModuleHandleW
GetNumberFormatA
GetPrivateProfileSectionA
GetPrivateProfileStringA
GetProcessHeaps
GetProcessTimes
GetProfileIntW
GetSystemDefaultLangID
GetSystemTimeAdjustment
GetSystemWindowsDirectoryW
GetTimeZoneInformation
GetUserDefaultUILanguage
GetVolumeNameForVolumeMountPointW
GlobalMemoryStatusEx
GlobalReAlloc
GlobalSize
HeapDestroy
InitAtomTable
InitializeCriticalSection
IsBadHugeReadPtr
IsDebuggerPresent
IsSystemResumeAutomatic
LocalShrink
MapUserPhysicalPagesScatter
Module32NextW
MoveFileA
MoveFileExW
OpenProcess
OpenSemaphoreA
PeekConsoleInputA
PeekNamedPipe
PurgeComm
ReadDirectoryChangesW
ReadFileEx
ReplaceFile
SetConsoleCursorInfo
SetConsoleScreenBufferSize
SetEnvironmentVariableA
SetEvent
SetFileAttributesA
SetSystemPowerState
SetThreadLocale
SwitchToThread
TerminateThread
TlsSetValue
TryEnterCriticalSection
VerLanguageNameW
VirtualProtect
WaitNamedPipeA
WritePrivateProfileSectionW
lstrcmpi
lstrcpynW

user32

AdjustWindowRect
AnyPopup
BringWindowToTop
CharPrevW
CharToOemBuffA
ClientToScreen
CreateDesktopA
CreateDesktopW
CreateMDIWindowW
CreateWindowExW
DdeCmpStringHandles
DdeQueryStringW
DdeSetUserHandle
DefFrameProcA
DeferWindowPos
DialogBoxIndirectParamA
DlgDirSelectComboBoxExW
DragDetect
DragObject
DrawFrameControl
DrawStateA
EnableMenuItem
EnableScrollBar
EnumDisplaySettingsExA
EnumDisplaySettingsW
EnumWindowStationsA
FindWindowA
GetAncestor
GetClassInfoExA
GetClassInfoW
GetClassLongA
GetClassNameW
GetClipboardFormatNameW
GetDC
GetDialogBaseUnits
GetDlgItem
GetIconInfo
GetKeyNameTextA
GetMenuItemRect
GetNextDlgTabItem
GetUpdateRect
GetWindow
GetWindowLongW
GetWindowModuleFileNameA
GetWindowPlacement
GetWindowRgn
GetWindowThreadProcessId
GetWindowWord
GrayStringA
HideCaret
IMPGetIMEA
InternalGetWindowText
InvalidateRect
IsCharUpperA
IsDialogMessageW
IsWindowUnicode
LoadBitmapA
LoadCursorA
LoadIconA
LoadKeyboardLayoutW
LockWindowUpdate
MapVirtualKeyExW
ModifyMenuW
MsgWaitForMultipleObjectsEx
OpenDesktopA
RegisterDeviceNotificationA
ReuseDDElParam
ScrollWindow
SendDlgItemMessageW
SendIMEMessageExW
SendMessageCallbackA
SendNotifyMessageW
SetClassLongA
SetClipboardData
SetDoubleClickTime
SetFocus
SetForegroundWindow
SetLastErrorEx
SetMessageExtraInfo
SetRect
SetScrollPos
SetThreadDesktop
SetTimer
SetUserObjectSecurity
SetWindowLongW
ShowWindowAsync
SubtractRect
SwitchToThisWindow
TabbedTextOutA
TrackPopupMenu
UnloadKeyboardLayout
mouse_event

ole32

BindMoniker
CLIPFORMAT_UserMarshal
CLIPFORMAT_UserSize
CLIPFORMAT_UserUnmarshal
CoAddRefServerProcess
CoAllowSetForegroundWindow
CoCancelCall
CoFileTimeNow
CoFreeAllLibraries
CoGetCallContext
CoGetCancelObject
CoGetCurrentLogicalThreadId
CoGetCurrentProcess
CoGetInterfaceAndReleaseStream
CoIsOle1Class
CoLockObjectExternal
CoMarshalHresult
CoMarshalInterface
CoQueryProxyBlanket
CoReactivateObject
CoRegisterClassObject
CoRegisterMessageFilter
CoRegisterSurrogate
CoRegisterSurrogateEx
CoRevokeMallocSpy
CoSetCancelObject
CoTreatAsClass
CoUnmarshalInterface
CoWaitForMultipleHandles
CreateAntiMoniker
CreateClassMoniker
CreateFileMoniker
CreateILockBytesOnHGlobal
DllDebugObjectRPCHook
FreePropVariantArray
GetConvertStg
GetHGlobalFromStream
HACCEL_UserMarshal
HACCEL_UserUnmarshal
HBITMAP_UserFree
HBITMAP_UserMarshal
HBITMAP_UserSize
HBITMAP_UserUnmarshal
HBRUSH_UserUnmarshal
HDC_UserUnmarshal
HGLOBAL_UserFree
HICON_UserUnmarshal
HMETAFILE_UserMarshal
HMETAFILE_UserUnmarshal
HPALETTE_UserUnmarshal
HWND_UserUnmarshal
MkParseDisplayName
MonikerCommonPrefixWith
OleCreateDefaultHandler
OleCreateEx
OleCreateFromData
OleCreateFromFileEx
OleCreateLinkEx
OleCreateLinkToFileEx
OleCreateMenuDescriptor
OleGetAutoConvert
OleGetClipboard
OleInitializeWOW
OleLoad
OleQueryCreateFromData
OleRegEnumVerbs
OleSave
OleSetMenuDescriptor
OleTranslateAccelerator
OleUninitialize
OpenOrCreateStream
ReadClassStg
RegisterDragDrop
SNB_UserMarshal
SNB_UserUnmarshal
STGMEDIUM_UserMarshal
StgCreateDocfile
StgCreateStorageEx
StgOpenStorageOnILockBytes
UpdateDCOMSettings
WdtpInterfacePointer_UserFree
WriteClassStg
WriteStringStream

Sections

.text
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db6a3a3ec582c42ff00c826240cf509f

Code Sign

6f:d3:14:21:fd:4c:bd:77:b1:80:da:40:55:e1:f4:75Certificate

Extended Key Usages

44:b8:bb:81:72:1f:4e:7c:0b:f4:13:6a:a2:ea:5e:4d:ee:b3:dc:dbSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Sections

.text Size: 194KB - Virtual size: 194KB

.data Size: 512B - Virtual size: 604B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

6f:d3:14:21:fd:4c:bd:77:b1:80:da:40:55:e1:f4:75
Certificate

44:b8:bb:81:72:1f:4e:7c:0b:f4:13:6a:a2:ea:5e:4d:ee:b3:dc:db
Signer

.text
Size: 194KB - Virtual size: 194KB

.data
Size: 512B - Virtual size: 604B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB