74d975875f096d7882ea57ab07962867_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

74d975875f096d7882ea57ab07962867_JaffaCakes118
Size

182KB
MD5

74d975875f096d7882ea57ab07962867
SHA1

68c63d26b3dce97e4d499a2ec5d0d294576aff25
SHA256

0372c23c2cbe104ebbbf3125de986e93816374da1e56ac14f74e0d77d105f9f4
SHA512

5041b8596f42e499ea69b99dd6825e960cad9e17af7c534a10d6566852d6d1d798cc2a5e87f900077678b9d3a3ad6dd447936e977f7b7ad704519864ee626848
SSDEEP

3072:wS0aKCIn+zaZvJWEttttpt/V5BbFHJxLT/QFqaudxpI2CQTMMN:eN/+zOlbFHUFEdx3RY

Score

1^/10

Malware Config

Signatures

Files

74d975875f096d7882ea57ab07962867_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f7261e910592986bc957118014f9d233

Code Sign

73:c2:e8:4a:e6:53:2c:94:4e:85:92:3a:67:87:27:6a
Certificate

Issuer

CN=evtwetvbqwe45vb2

Not Before

01/03/2012, 08:06

Not After

31/12/2039, 23:59

Subject

CN=evtwetvbqwe45vb2

Extended Key Usages

ExtKeyUsageCodeSigning

d6:cf:d8:83:2d:11:16:39:fd:4d:f2:99:7f:23:70:dc:65:f5:b7:2b
Signer

Actual PE Digest

d6:cf:d8:83:2d:11:16:39:fd:4d:f2:99:7f:23:70:dc:65:f5:b7:2b

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
LoadLibraryA
GetProcAddress
CreateFileA
lstrcpyA
lstrlenA
GetWindowsDirectoryA
VirtualAlloc

user32

BroadcastSystemMessageA
ChangeDisplaySettingsExA
ChangeMenuW
CharLowerBuffW
CharPrevA
CharUpperW
CountClipboardFormats
CreateDesktopW
CreateIconFromResourceEx
CreateMenu
DdeAddData
DdeEnableCallback
DdeGetLastError
DdeNameService
DefFrameProcA
DeferWindowPos
DrawFrameControl
EndMenu
EnumDesktopsA
EnumDesktopsW
EnumDisplayDevicesW
EnumDisplayMonitors
EnumPropsExA
EnumWindowStationsA
EnumWindowStationsW
FindWindowExW
GetAsyncKeyState
GetCaretBlinkTime
GetClassInfoExW
GetClassWord
GetClipboardFormatNameA
GetComboBoxInfo
GetDesktopWindow
GetDlgCtrlID
GetKeyboardLayout
GetKeyboardLayoutNameA
GetLastActivePopup
GetListBoxInfo
GetMenuDefaultItem
GetMenuStringW
GetOpenClipboardWindow
GetShellWindow
GetTitleBarInfo
GetWindowDC
GrayStringW
HideCaret
HiliteMenuItem
IMPGetIMEA
IMPQueryIMEA
InternalGetWindowText
IsWindow
LoadAcceleratorsA
LoadImageW
LockWindowUpdate
MessageBoxExA
OemToCharBuffW
OemToCharW
OpenIcon
PeekMessageA
PostMessageA
RealGetWindowClassA
ReplyMessage
ReuseDDElParam
SendDlgItemMessageA
SendNotifyMessageW
SetCaretPos
SetDeskWallpaper
SetDlgItemInt
SetDlgItemTextA
SetScrollInfo
SetScrollRange
SetShellWindow
SetWindowPlacement
SetWindowsHookA
ShowCaret
SubtractRect
SwitchDesktop
SystemParametersInfoA
SystemParametersInfoW
ToUnicode
UnhookWindowsHookEx
UnregisterDeviceNotification
WINNLSEnableIME

ole32

BindMoniker
CLSIDFromProgIDEx
CoCreateGuid
CoCreateInstance
CoDisableCallCancellation
CoFileTimeNow
CoGetInstanceFromFile
CoGetMarshalSizeMax
CoGetObject
CoGetStandardMarshal
CoInitializeEx
CoInitializeSecurity
CoInstall
CoIsHandlerConnected
CoQueryProxyBlanket
CoReactivateObject
CoRegisterMessageFilter
CoTaskMemFree
CoTaskMemRealloc
CoTreatAsClass
CoUnmarshalHresult
CreateAntiMoniker
CreateBindCtx
CreateDataAdviseHolder
CreateDataCache
CreateFileMoniker
CreateGenericComposite
CreateOleAdviseHolder
CreateStdProgressIndicator
FreePropVariantArray
GetClassFile
GetConvertStg
GetHGlobalFromStream
GetRunningObjectTable
HACCEL_UserFree
HACCEL_UserUnmarshal
HBITMAP_UserMarshal
HBRUSH_UserMarshal
HDC_UserMarshal
HENHMETAFILE_UserFree
HGLOBAL_UserFree
HGLOBAL_UserMarshal
HICON_UserSize
HICON_UserUnmarshal
HMENU_UserMarshal
HMENU_UserUnmarshal
HMETAFILEPICT_UserSize
HMETAFILE_UserSize
HPALETTE_UserUnmarshal
HkOleRegisterObject
IIDFromString
MkParseDisplayName
OleConvertIStorageToOLESTREAM
OleConvertOLESTREAMToIStorage
OleConvertOLESTREAMToIStorageEx
OleCreateEx
OleCreateFromDataEx
OleCreateFromFile
OleCreateLinkEx
OleCreateLinkFromData
OleCreateLinkFromDataEx
OleCreateLinkToFileEx
OleGetIconOfFile
OleInitializeWOW
OleLoad
OleLockRunning
OleMetafilePictFromIconAndLabel
OleNoteObjectVisible
OleRegGetMiscStatus
OleSaveToStream
OleUninitialize
OpenOrCreateStream
SNB_UserSize
SNB_UserUnmarshal
STGMEDIUM_UserMarshal
StgGetIFillLockBytesOnFile
StgOpenAsyncDocfileOnIFillLockBytes
StgOpenStorageOnILockBytes
StringFromGUID2
StringFromIID
UtConvertDvtd16toDvtd32
UtGetDvtd16Info
UtGetDvtd32Info
WdtpInterfacePointer_UserMarshal
WriteClassStm
WriteFmtUserTypeStg

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7261e910592986bc957118014f9d233

Code Sign

73:c2:e8:4a:e6:53:2c:94:4e:85:92:3a:67:87:27:6aCertificate

Extended Key Usages

d6:cf:d8:83:2d:11:16:39:fd:4d:f2:99:7f:23:70:dc:65:f5:b7:2bSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 648B

.text Size: 168KB - Virtual size: 168KB

.reloc Size: 2KB - Virtual size: 1KB

73:c2:e8:4a:e6:53:2c:94:4e:85:92:3a:67:87:27:6a
Certificate

d6:cf:d8:83:2d:11:16:39:fd:4d:f2:99:7f:23:70:dc:65:f5:b7:2b
Signer

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 648B

.text
Size: 168KB - Virtual size: 168KB

.reloc
Size: 2KB - Virtual size: 1KB