785663aacf337cdeaeb809d7ef5c735b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

785663aacf337cdeaeb809d7ef5c735b_JaffaCakes118
Size

278KB
MD5

785663aacf337cdeaeb809d7ef5c735b
SHA1

6d10e559a9d1ba5b53386fcea09edb5516bbedcd
SHA256

3a4672499541320fc5cb99c594a5e3ac618a9b7c4c6e53bfb67434f6cd7f3f9d
SHA512

b35a27d04e199a7733725c90d78644933f7dcb5b587e1e3522ac34e64e6ac30e349d8b488a3aee177545e4f906748ff5d22655ab8986914ec5bfda51eae65b42
SSDEEP

6144:04bLG6rzysDrwsSSYWkrD77q3UwQi7gQCAEzoSyo:0oCTkrwsSSYJn77OUZi7xCTo5o

Score

1^/10

Malware Config

Signatures

Files

785663aacf337cdeaeb809d7ef5c735b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bbfe351f08b236ab7a9b727e9fb0fc78

Code Sign

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6a
Certificate

Issuer

CN=SDOkUGUnMWwv

Not Before

15-03-2012 10:39

Not After

31-12-2039 23:59

Subject

CN=SDOkUGUnMWwv

Extended Key Usages

ExtKeyUsageCodeSigning

3c:f8:82:80:0b:79:b8:21:24:b1:79:ca:19:9a:d5:fc:f1:b4:d0:77
Signer

Actual PE Digest

3c:f8:82:80:0b:79:b8:21:24:b1:79:ca:19:9a:d5:fc:f1:b4:d0:77

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetWindowsDirectoryA
lstrlenA
lstrcpyA
VirtualAlloc
GetQueuedCompletionStatus
WriteConsoleOutputCharacterA
GetCalendarInfoA
DeviceIoControl
GlobalLock
GetConsoleCP
ResetEvent
LCMapStringA
VirtualFreeEx
QueryDosDeviceA
GetProcessWorkingSetSize
SetCommMask
FindFirstVolumeW
SetThreadPriority
InterlockedCompareExchange
EnumUILanguagesA
MultiByteToWideChar
UnlockFileEx
CreateEventA
MoveFileExW
ReadProcessMemory
FindFirstFileW
MapUserPhysicalPagesScatter
CompareStringW
FindFirstVolumeMountPointA
LocalHandle
SetConsoleCursor
GetVersionExW
GetPrivateProfileSectionNamesW
SizeofResource
WriteProfileSectionW
VerifyVersionInfoW
CreateMutexA
SetUnhandledExceptionFilter
GlobalHandle
GetConsoleAliasExesLengthA
WideCharToMultiByte
OpenFileMappingA
UnhandledExceptionFilter
GetWindowsDirectoryW
GlobalSize
OutputDebugStringA
GetModuleFileNameW
EnumDateFormatsExW
SwitchToThread
ChangeTimerQueueTimer
DeleteFileW
WriteConsoleOutputAttribute
FoldStringW
Module32NextW
FreeUserPhysicalPages
GetComputerNameA
EnumDateFormatsW
GetPrivateProfileStringA
GetDevicePowerState
CreateEventW
WriteProfileStringW
SetConsoleScreenBufferSize
CopyFileA
WaitCommEvent
EnumTimeFormatsA
GlobalFindAtomA
OpenWaitableTimerW
HeapValidate
SetConsoleWindowInfo
EraseTape
FindFirstVolumeA
GlobalMemoryStatusEx
GetFileInformationByHandle
ReadConsoleOutputW
SetConsoleCtrlHandler
_hread
ReleaseSemaphore
HeapFree
ResumeThread
MoveFileW
LoadResource
CreateDirectoryA
WriteFileEx
FlushFileBuffers
BeginUpdateResourceW
RtlMoveMemory
SetFileAttributesW
EnumSystemLocalesA
FlushConsoleInputBuffer
Heap32ListNext
GetWriteWatch
ConnectNamedPipe
FillConsoleOutputCharacterA
UpdateResourceW
ReadConsoleOutputA
lstrcpy
EndUpdateResourceW
SetProcessWorkingSetSize
GetThreadContext

user32

IMPSetIMEA
DrawTextA
CopyAcceleratorTableW
AllowSetForegroundWindow
SendNotifyMessageW
DdeUninitialize
EnumDisplaySettingsExW
PostQuitMessage
SendMessageCallbackA
EnumDisplayDevicesA
CreatePopupMenu
RegisterDeviceNotificationW
ExitWindowsEx
EnumThreadWindows
SetPropA
GetClipboardFormatNameA
SetRectEmpty
GetDCEx
wvsprintfA
IsChild
WaitMessage
GetInputState
GetMenuItemCount
IsHungAppWindow
DdeNameService
FlashWindowEx
LoadIconA
CallMsgFilter
DdeUnaccessData
IsCharUpperW
WINNLSEnableIME
RegisterClassExA
DdeCmpStringHandles
TranslateAcceleratorA
LockWorkStation
GetKeyboardState
FrameRect
GetTopWindow
CreateCursor
VkKeyScanExW
RealGetWindowClassW
ReleaseDC
CreateDialogParamW
CallWindowProcW
WINNLSGetIMEHotkey
UpdateWindow
ToAsciiEx
DdeQueryStringA
CharPrevA
MonitorFromWindow
ShowCursor
SetClassLongW
GetScrollInfo
MessageBoxExW
ModifyMenuW
LoadKeyboardLayoutA
DdeGetData
SwitchToThisWindow
MsgWaitForMultipleObjectsEx
SendIMEMessageExA
DrawCaption
CreateDialogIndirectParamA
SetFocus
SetWindowsHookA
DdeKeepStringHandle
DdePostAdvise
DragDetect
GetPropW
UnregisterClassW
WaitForInputIdle
ChangeDisplaySettingsW
GetThreadDesktop
GetParent
CreateDialogParamA
DlgDirListA
CheckMenuItem
GetNextDlgGroupItem
IMPGetIMEW
SetWindowTextW
GetCursorInfo
OpenDesktopA
WINNLSGetEnableStatus
TranslateMDISysAccel
NotifyWinEvent
CloseDesktop
LoadCursorA
DrawMenuBar
TileWindows
ToAscii
GetClipboardSequenceNumber
SetMessageExtraInfo
TrackPopupMenu
SetForegroundWindow
DialogBoxParamW
IsWindowEnabled
PackDDElParam

advapi32

RegOpenKeyExW

shell32

DragQueryFileW
SHCreateProcessAsUserW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHGetDiskFreeSpaceA
WOWShellExecute
Shell_NotifyIconW
SHPathPrepareForWriteA
SHGetDataFromIDListA
DragQueryFileA
SHAddToRecentDocs
SHGetDiskFreeSpaceExA
ShellExecuteExW
SHGetFolderPathW
SHQueryRecycleBinA
ShellExecuteEx
SHAppBarMessage
DoEnvironmentSubstW
SHLoadInProc
SHLoadNonloadedIconOverlayIdentifiers
DuplicateIcon
ExtractIconExW
SHBrowseForFolder
SHGetSettings
SHGetIconOverlayIndexW
SHFileOperationW
SHBrowseForFolderA
SHFreeNameMappings
ShellExecuteW
SHGetFileInfoA
SHBrowseForFolderW
DoEnvironmentSubstA
SHFormatDrive
SHIsFileAvailableOffline
ExtractAssociatedIconW
SHCreateDirectoryExA
ExtractAssociatedIconA
SHGetFolderLocation
SHGetFileInfo
ExtractAssociatedIconExW
SHCreateDirectoryExW
SHGetPathFromIDListA
CommandLineToArgvW
ShellAboutW
ShellHookProc
DragQueryPoint
Shell_NotifyIconA
DragQueryFile
SHGetDataFromIDListW
ExtractIconExA
SHGetDesktopFolder
CheckEscapesW
SHGetSpecialFolderPathA
SHInvokePrinterCommandA
SHQueryRecycleBinW

shlwapi

StrRStrIW
StrChrIA
StrStrW
StrRChrIA
StrStrIA
StrCmpNIW
StrCmpNW
StrChrW
StrRChrA
StrChrIW
StrRStrIA
StrCmpNA
StrChrA
StrCmpNIA
StrStrA

Sections

.text
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbfe351f08b236ab7a9b727e9fb0fc78

Code Sign

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6aCertificate

Extended Key Usages

3c:f8:82:80:0b:79:b8:21:24:b1:79:ca:19:9a:d5:fc:f1:b4:d0:77Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

Sections

.text Size: 265KB - Virtual size: 264KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6a
Certificate

3c:f8:82:80:0b:79:b8:21:24:b1:79:ca:19:9a:d5:fc:f1:b4:d0:77
Signer

.text
Size: 265KB - Virtual size: 264KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB