826018a8692aa093515ed26e2cf89183_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

826018a8692aa093515ed26e2cf89183_JaffaCakes118
Size

252KB
MD5

826018a8692aa093515ed26e2cf89183
SHA1

79a7efc1b84b0370e902582249abff0b3b6a2966
SHA256

b857fd19f10b780f97e3c70cf521ff8a6e442031090f8eab963fac9d17dd9fef
SHA512

35ad7d9a4c1d72529657c35f3cdba742625625b3dfa86176b6ec421550504bd675f3f605778b60488516fc02402d44ec5ea836e1183d0cc824e66055de339a3c
SSDEEP

6144:dgsjyzscw0ah/ByAVxr62CLFJO6qpAJNzr:dZjw1w0aJBT4BJTJF

Score

1^/10

Malware Config

Signatures

Files

826018a8692aa093515ed26e2cf89183_JaffaCakes118
.dll windows:5 windows x86 arch:x86

a74502f7286c688c8c5e468e7f889903

Code Sign

1c:16:36:68:5a:e1:63:ae:45:38:cb:55:83:9c:61:ad
Certificate

Issuer

CN=rhyn5r69im6t7i5

Not Before

17/01/2012, 08:40

Not After

31/12/2039, 23:59

Subject

CN=rhyn5r69im6t7i5

Extended Key Usages

ExtKeyUsageCodeSigning

79:00:74:9c:8d:9a:ac:ef:ec:60:1f:d9:f5:21:3d:29:be:60:f3:44
Signer

Actual PE Digest

79:00:74:9c:8d:9a:ac:ef:ec:60:1f:d9:f5:21:3d:29:be:60:f3:44

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
lstrcpyA
lstrlenA
GetWindowsDirectoryA
BackupSeek
CancelIo
CopyFileA
CopyFileW
CreateFileMappingW
CreateIoCompletionPort
CreateSemaphoreW
CreateTapePartition
CreateToolhelp32Snapshot
DeleteFileA
EnumCalendarInfoW
EnumDateFormatsW
EnumResourceTypesA
EnumSystemCodePagesW
EnumSystemLocalesA
EnumTimeFormatsA
EnumUILanguagesA
FatalExit
FileTimeToDosDateTime
FindCloseChangeNotification
FindFirstVolumeMountPointA
FindNextVolumeW
FormatMessageA
GetAtomNameA
GetCompressedFileSizeW
GetComputerNameExW
GetConsoleAliasA
GetConsoleAliasExesLengthA
GetConsoleAliasesW
GetConsoleOutputCP
GetConsoleTitleW
GetDefaultCommConfigW
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetEnvironmentVariableA
GetFileAttributesExA
GetFullPathNameW
GetLocaleInfoA
GetPrivateProfileStringA
GetProcessIoCounters
GetProcessPriorityBoost
GetProcessTimes
GetStdHandle
GetStringTypeExW
GetSystemInfo
ExitProcess
GetTempFileNameW
GetVolumeNameForVolumeMountPointW
GetVolumePathNameW
GlobalDeleteAtom
GlobalFix
GlobalSize
Heap32ListNext
IsBadCodePtr
LocalFileTimeToFileTime
LocalReAlloc
LocalUnlock
LockResource
MoveFileA
MoveFileExW
OpenEventW
OpenThread
QueryInformationJobObject
ReadConsoleInputW
ReplaceFile
ReplaceFileA
ReplaceFileW
ResetEvent
ResumeThread
ScrollConsoleScreenBufferA
SetConsoleCursorPosition
SetConsoleTitleA
SetFileAttributesW
SetLastError
SetProcessAffinityMask
SetSystemTimeAdjustment
SetTapeParameters
SetThreadContext
SetThreadExecutionState
SetupComm
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateThread
TransactNamedPipe
UnhandledExceptionFilter
UnlockFileEx
VerSetConditionMask
WriteProfileSectionW
WriteProfileStringA
_llseek
_lopen
lstrcmpiW
lstrcpy
GetSystemPowerStatus
VirtualAlloc

user32

AttachThreadInput
BeginDeferWindowPos
BeginPaint
CallMsgFilterA
ChangeDisplaySettingsA
CharLowerA
CharToOemA
CheckDlgButton
ChildWindowFromPoint
ClientToScreen
CloseWindowStation
CopyAcceleratorTableW
CountClipboardFormats
CreateIconIndirect
CreateWindowStationW
DdeEnableCallback
DdeFreeStringHandle
DdeQueryNextServer
DefDlgProcA
DefFrameProcW
DialogBoxParamW
DlgDirListA
DrawEdge
DrawTextExA
DrawTextExW
EnumDisplayDevicesA
EnumDisplaySettingsExW
EnumWindowStationsA
FindWindowExW
GetAsyncKeyState
GetClassInfoExW
GetClassInfoW
GetClassLongA
GetClassLongW
GetClassNameA
GetClipboardOwner
GetDlgItemTextA
GetGUIThreadInfo
GetKeyNameTextW
GetKeyboardLayout
GetKeyboardType
GetLastInputInfo
GetMenuCheckMarkDimensions
GetMenuContextHelpId
GetMenuInfo
GetParent
GetScrollRange
GetTopWindow
GetWindowLongW
IMPGetIMEW
IMPQueryIMEW
ImpersonateDdeClientWindow
IntersectRect
IsClipboardFormatAvailable
IsDialogMessageW
LoadAcceleratorsW
LoadCursorFromFileA
LoadCursorW
LoadKeyboardLayoutW
MessageBoxIndirectA
MonitorFromWindow
OemToCharA
PackDDElParam
PeekMessageA
RealGetWindowClass
RegisterHotKey
RegisterWindowMessageA
RemoveMenu
ScrollDC
ScrollWindowEx
SendInput
SendMessageA
SetActiveWindow
SetForegroundWindow
SetLayeredWindowAttributes
SetMenu
SetMessageExtraInfo
SetParent
SetWinEventHook
SetWindowContextHelpId
SetWindowPos
SetWindowTextW
ShowCaret
ShowOwnedPopups
SubtractRect
SwitchToThisWindow
SystemParametersInfoA
ToUnicode
UnregisterDeviceNotification
UnregisterHotKey
ValidateRgn
WINNLSEnableIME
wvsprintfA
LoadBitmapA
ArrangeIconicWindows

advapi32

RegOpenKeyExW

ole32

CLSIDFromString
CoAddRefServerProcess
CoBuildVersion
CoCreateFreeThreadedMarshaler
CoCreateGuid
CoFreeUnusedLibraries
CoGetApartmentID
CoGetCallContext
CoGetClassVersion
CoGetInterfaceAndReleaseStream
CoGetMarshalSizeMax
CoInitializeEx
CoIsOle1Class
CoMarshalInterThreadInterfaceInStream
CoQueryReleaseObject
CoRegisterMessageFilter
CoRegisterSurrogateEx
CoRevertToSelf
CoSwitchCallContext
CoTaskMemAlloc
CoTaskMemRealloc
CoTestCancel
CoUnloadingWOW
CoUnmarshalInterface
CreateAntiMoniker
CreateBindCtx
CreateDataCache
CreateFileMoniker
CreateItemMoniker
CreateObjrefMoniker
CreatePointerMoniker
CreateStreamOnHGlobal
DoDragDrop
FmtIdToPropStgName
HACCEL_UserFree
HACCEL_UserMarshal
HACCEL_UserSize
HBITMAP_UserFree
HBRUSH_UserMarshal
HDC_UserMarshal
HENHMETAFILE_UserMarshal
HENHMETAFILE_UserSize
HGLOBAL_UserMarshal
HICON_UserUnmarshal
HMENU_UserMarshal
HMENU_UserSize
HMENU_UserUnmarshal
HMETAFILEPICT_UserMarshal
HPALETTE_UserUnmarshal
HWND_UserSize
HkOleRegisterObject
IsAccelerator
MkParseDisplayName
OleConvertIStorageToOLESTREAM
OleConvertOLESTREAMToIStorage
OleCreate
OleCreateFromData
OleCreateFromFileEx
OleCreateLinkToFile
OleCreateLinkToFileEx
OleGetClipboard
OleInitialize
OleLoad
OleLoadFromStream
OleNoteObjectVisible
OleQueryLinkFromData
OleRegEnumFormatEtc
OleRegEnumVerbs
OleRegGetUserType
OpenOrCreateStream
ReadClassStm
ReadStringStream
RevokeDragDrop
SNB_UserFree
SNB_UserMarshal
SNB_UserSize
STGMEDIUM_UserSize
STGMEDIUM_UserUnmarshal
StgConvertPropertyToVariant
StgOpenStorageEx
StringFromGUID2
UpdateDCOMSettings
UtConvertDvtd16toDvtd32
UtConvertDvtd32toDvtd16
WriteOleStg

Sections

.text
Size: 245KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a74502f7286c688c8c5e468e7f889903

Code Sign

1c:16:36:68:5a:e1:63:ae:45:38:cb:55:83:9c:61:adCertificate

Extended Key Usages

79:00:74:9c:8d:9a:ac:ef:ec:60:1f:d9:f5:21:3d:29:be:60:f3:44Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 245KB - Virtual size: 245KB

.data Size: 512B - Virtual size: 44B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

1c:16:36:68:5a:e1:63:ae:45:38:cb:55:83:9c:61:ad
Certificate

79:00:74:9c:8d:9a:ac:ef:ec:60:1f:d9:f5:21:3d:29:be:60:f3:44
Signer

.text
Size: 245KB - Virtual size: 245KB

.data
Size: 512B - Virtual size: 44B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB