769b4e0d49c9dd64fa7f53d625acf295_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

769b4e0d49c9dd64fa7f53d625acf295_JaffaCakes118
Size

176KB
MD5

769b4e0d49c9dd64fa7f53d625acf295
SHA1

ba980a7a1d24a42b4bb28d83619e682e5e104082
SHA256

3e30e3aa0edb9c2d296109df5ab34b9201e397aadb8655b5652ec5fbd1b0ed65
SHA512

ab3dfcfa54aadc07db5635c517b80669522defd4a7e5e2a0ea013f2cae83942efd843fbca45d234fe72189064968425c27ee0a842de32b37bc1c39bedc2763e7
SSDEEP

3072:x9mH/rOXUcM+84wtTrxiSnBGIgoGTI+0ffLrjEcL1oVMpKZ66Pm9g1e/pnco3ea:8MU5zTrxr+ufHT+VMpKZlm9f/pnco

Score

1^/10

Malware Config

Signatures

Files

769b4e0d49c9dd64fa7f53d625acf295_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ec4bcf679a0c321685501642c283e424

Code Sign

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3b
Certificate

Issuer

CN=NCrG992VieeQ

Not Before

14-03-2012 06:19

Not After

31-12-2039 23:59

Subject

CN=NCrG992VieeQ

Extended Key Usages

ExtKeyUsageCodeSigning

cc:e4:ae:0a:38:49:d5:04:fb:7e:07:6a:d0:b3:1f:25:0e:ac:8b:cd
Signer

Actual PE Digest

cc:e4:ae:0a:38:49:d5:04:fb:7e:07:6a:d0:b3:1f:25:0e:ac:8b:cd

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
LoadLibraryA
CreateFileA
lstrlenA
GetWindowsDirectoryA
lstrcpyA
GetProcAddress

user32

SetMessageExtraInfo
SetMessageQueue
SetScrollPos
SetScrollRange
SetSystemCursor
SystemParametersInfoW
TileChildWindows
TrackMouseEvent
UnionRect
ValidateRect
WindowFromDC
SetMenuDefaultItem
SetMenu
SetDlgItemTextA
SetDlgItemInt
SetClassLongA
SetCaretPos
SetActiveWindow
SendMessageA
ScrollDC
ReplyMessage
RemovePropW
ReleaseDC
RegisterShellHookWindow
RegisterDeviceNotificationW
PostMessageW
PaintDesktop
OemToCharA
MessageBoxExW
MapVirtualKeyExW
MapVirtualKeyA
MapDialogRect
LockSetForegroundWindow
LoadMenuW
LoadMenuIndirectA
AttachThreadInput
BeginDeferWindowPos
BeginPaint
CallMsgFilter
CascadeWindows
ChangeMenuA
CharToOemBuffA
CharToOemW
LoadMenuA
CharUpperA
CharUpperBuffW
CopyAcceleratorTableA
CountClipboardFormats
CreateDesktopA
CreateIcon
CreateMDIWindowA
CreateWindowExA
DdeCreateDataHandle
DdeInitializeA
DdeKeepStringHandle
DefDlgProcW
DialogBoxParamA
DlgDirSelectComboBoxExA
DrawTextExW
EndMenu
EndTask
EnumDesktopWindows
EnumDesktopsA
EnumDesktopsW
EnumDisplaySettingsW
EnumPropsA
FindWindowA
FrameRect
GetAltTabInfoW
GetCaretBlinkTime
GetClipboardViewer
GetDlgItemInt
GetIconInfo
GetKeyboardLayoutList
GetKeyboardType
GetLastInputInfo
GetMenuDefaultItem
GetMessagePos
GetMessageTime
GetMonitorInfoA
GetMonitorInfoW
GetProcessWindowStation
GetWindow
GetWindowThreadProcessId
IMPQueryIMEA
IMPQueryIMEW
InsertMenuA
AnyPopup
IntersectRect
InvertRect
IsIconic
KillTimer
LoadKeyboardLayoutW

comdlg32

PageSetupDlgW
ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
ChooseColorA
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW

advapi32

RegOpenKeyW

ole32

OleRegGetMiscStatus
OleRun
OleSaveToStream
OleSetAutoConvert
OleSetContainedObject
OleSetMenuDescriptor
PropVariantClear
ReadClassStg
ReadClassStm
ReadOleStg
RevokeDragDrop
SNB_UserFree
SNB_UserUnmarshal
SetConvertStg
SetDocumentBitStg
StgCreateDocfile
StgCreatePropSetStg
StgIsStorageILockBytes
StgOpenPropStg
StgOpenStorageEx
StringFromIID
UtGetDvtd16Info
WdtpInterfacePointer_UserFree
WriteClassStg
WriteOleStg
OleRegEnumFormatEtc
OleQueryCreateFromData
OleMetafilePictFromIconAndLabel
OleLoadFromStream
OleGetIconOfFile
OleGetAutoConvert
OleFlushClipboard
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleCreateFromFileEx
OleConvertOLESTREAMToIStorage
HPALETTE_UserFree
HMETAFILEPICT_UserSize
HMETAFILEPICT_UserMarshal
HMENU_UserSize
HMENU_UserFree
HGLOBAL_UserMarshal
HGLOBAL_UserFree
HDC_UserFree
HBRUSH_UserUnmarshal
HBRUSH_UserFree
HBITMAP_UserSize
HACCEL_UserMarshal
GetHookInterface
GetHGlobalFromStream
FreePropVariantArray
CreateOleAdviseHolder
CreateILockBytesOnHGlobal
CreateFileMoniker
CreateDataCache
CoUnmarshalInterface
CoUnloadingWOW
CoUninitialize
CoSwitchCallContext
CoRevokeMallocSpy
CoReleaseServerProcess
CoRegisterChannelHook
CoQueryProxyBlanket
CoQueryClientBlanket
CoLockObjectExternal
CoLoadLibrary
CoIsHandlerConnected
CoInstall
CoInitializeWOW
CoGetStandardMarshal
CoGetMalloc
CoGetInstanceFromIStorage
CoGetCurrentLogicalThreadId
CoFreeLibrary
CoFileTimeToDosDateTime
CoCreateInstanceEx
CoCreateInstance
CoCreateGuid
CoCreateFreeThreadedMarshaler
CoBuildVersion
CLSIDFromProgIDEx
OleGetClipboard
CoFreeUnusedLibraries

comctl32

ord8
CreatePropertySheetPage
CreatePropertySheetPageW
ord6
CreateStatusWindowW
UninitializeFlatSB
ord3
PropertySheetW
ord2
ord13
ord14
InitMUILanguage
ord17
ImageList_Write
ImageList_SetOverlayImage
ImageList_SetIconSize
ImageList_SetDragCursorImage
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Remove
ImageList_Read
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_LoadImage
ImageList_GetImageRect
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_GetIcon
ImageList_GetDragImage
ImageList_EndDrag
ImageList_DrawIndirect
ImageList_DrawEx
ImageList_Draw
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_Destroy
ImageList_Create
ImageList_BeginDrag
ImageList_AddMasked
ImageList_AddIcon
ImageList_Add
GetMUILanguage
ord4
FlatSB_ShowScrollBar
FlatSB_SetScrollRange
FlatSB_SetScrollProp
FlatSB_SetScrollInfo
FlatSB_GetScrollRange
FlatSB_GetScrollProp
FlatSB_GetScrollPos
FlatSB_EnableScrollBar
DrawStatusTextW
DestroyPropertySheetPage
ord7

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec4bcf679a0c321685501642c283e424

Code Sign

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3bCertificate

Extended Key Usages

cc:e4:ae:0a:38:49:d5:04:fb:7e:07:6a:d0:b3:1f:25:0e:ac:8b:cdSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

ole32

comctl32

Sections

.text Size: 12KB - Virtual size: 11KB

.text1 Size: 155KB - Virtual size: 155KB

.data Size: 1024B - Virtual size: 644B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3b
Certificate

cc:e4:ae:0a:38:49:d5:04:fb:7e:07:6a:d0:b3:1f:25:0e:ac:8b:cd
Signer

.text
Size: 12KB - Virtual size: 11KB

.text1
Size: 155KB - Virtual size: 155KB

.data
Size: 1024B - Virtual size: 644B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB