84c8d096d4a627f9c007d1d7044c5b3f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

84c8d096d4a627f9c007d1d7044c5b3f_JaffaCakes118
Size

119KB
MD5

84c8d096d4a627f9c007d1d7044c5b3f
SHA1

8d3005f0b7561695e42d65c434295893465f9f61
SHA256

0f7c203e8a54200c5a224eec5ae60f442d839218d7566ef725ee58faf5c070a4
SHA512

412b5f6dc8051865c008b99301e0f2a1dc1aefaa8e706247e7ea18630e76cda5d2961baa37aa80ebd8e5ed0adb41947985c51e5f4ac8b7103d663134e5d3c070
SSDEEP

1536:QzUg8CSJJCunzPCQi74K0h/9DoHdfTqKeGkBe5AbMgJDfp0XpRf7m1X:QzUzvJwkztK0hV2CGD5AgCKXHDm1X

Score

1^/10

Malware Config

Signatures

Files

84c8d096d4a627f9c007d1d7044c5b3f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b84c5bb52014d83fc5e6534e392dea2a

Code Sign

50:b6:ed:79:a1:ec:4e:62:bc:33:32:46:3e:eb:9e:2d
Certificate

Issuer

CN=7348345845

Not Before

25/01/2012, 13:00

Not After

31/12/2039, 23:59

Subject

CN=7348345845

Extended Key Usages

ExtKeyUsageCodeSigning

2d:cc:94:fd:b5:cc:15:4d:c0:c5:af:91:e8:2f:f0:91:3d:29:c9:4a
Signer

Actual PE Digest

2d:cc:94:fd:b5:cc:15:4d:c0:c5:af:91:e8:2f:f0:91:3d:29:c9:4a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
AddConsoleAliasA
AreFileApisANSI
AssignProcessToJobObject
CloseHandle
CommConfigDialogA
CompareStringA
CreateConsoleScreenBuffer
CreateEventA
CreateNamedPipeA
CreateTimerQueue
CreateWaitableTimerA
CreateWaitableTimerW
DebugBreak
EnumDateFormatsExA
EnumLanguageGroupLocalesW
EnumSystemLocalesW
EnumTimeFormatsA
EnumTimeFormatsW
ExitThread
ExpandEnvironmentStringsA
FillConsoleOutputCharacterA
FindAtomW
FindFirstChangeNotificationW
FindFirstVolumeW
FindNextFileA
FindVolumeClose
FlushConsoleInputBuffer
FlushViewOfFile
FreeUserPhysicalPages
GetConsoleAliasA
GetCurrentProcessId
GetCurrentThread
GetDateFormatW
GetLargestConsoleWindowSize
GetLastError
GetModuleFileNameA
GetModuleHandleW
GetNumberFormatA
GetNumberFormatW
GetNumberOfConsoleMouseButtons
GetOEMCP
GetOverlappedResult
GetPriorityClass
GetPrivateProfileSectionA
GetProcessHeaps
GetShortPathNameA
ExitProcess
GetThreadPriorityBoost
GetThreadSelectorEntry
GetTimeZoneInformation
GetUserDefaultUILanguage
GetVolumeInformationA
GlobalLock
GlobalUnfix
HeapDestroy
HeapSize
InterlockedDecrement
IsBadCodePtr
IsBadStringPtrA
IsSystemResumeAutomatic
LoadLibraryExA
LocalFileTimeToFileTime
LocalLock
MoveFileA
OpenProcess
OutputDebugStringW
PeekNamedPipe
Process32First
Process32NextW
QueryInformationJobObject
QueryPerformanceCounter
ReadConsoleOutputAttribute
ReadConsoleW
ReadFileEx
SetCurrentDirectoryW
SetDefaultCommConfigA
SetFileAttributesW
SetMailslotInfo
SetMessageWaitingIndicator
SetProcessPriorityBoost
SetStdHandle
SetSystemPowerState
SetTimeZoneInformation
SetVolumeLabelW
SetVolumeMountPointW
SizeofResource
TlsSetValue
TryEnterCriticalSection
UnregisterWait
WaitNamedPipeA
WritePrivateProfileSectionA
WriteProfileSectionA
lstrcatA
lstrcpyA
lstrcpyW
GetThreadContext
VirtualAlloc

user32

ChangeDisplaySettingsExA
CharNextW
CharToOemBuffA
CharToOemW
CharUpperBuffA
CloseDesktop
CopyAcceleratorTableA
CopyRect
CreateDesktopA
CreateDialogParamA
DdeCmpStringHandles
DdeReconnect
DefMDIChildProcA
DefWindowProcA
DialogBoxIndirectParamA
DispatchMessageA
DlgDirListComboBoxW
DlgDirListW
DlgDirSelectExA
DlgDirSelectExW
DrawCaption
DrawMenuBar
DrawStateA
DrawStateW
DrawTextA
EndTask
EnumDisplayMonitors
EnumPropsA
GetCapture
GetClassInfoW
GetClassLongA
GetClassNameA
GetDlgItemTextW
GetFocus
GetIconInfo
GetInputDesktop
GetKBCodePage
GetKeyState
GetKeyboardState
GetMenuInfo
GetNextDlgTabItem
GetOpenClipboardWindow
GetScrollBarInfo
GetShellWindow
GetSysColorBrush
GetSystemMenu
GetTabbedTextExtentA
GetUserObjectInformationA
GetWindowTextW
IMPGetIMEA
InsertMenuA
InvertRect
IsChild
IsDialogMessageW
IsDlgButtonChecked
IsWindow
LoadIconA
LoadMenuA
MenuItemFromPoint
MonitorFromWindow
MoveWindow
PackDDElParam
PaintDesktop
PostMessageA
PtInRect
RealGetWindowClass
RegisterDeviceNotificationA
RemovePropA
ReuseDDElParam
SendIMEMessageExA
SendInput
SetClassLongW
SetForegroundWindow
SetMenuInfo
SetProcessDefaultLayout
SetPropA
SetRectEmpty
SetScrollInfo
SetTimer
SetWindowLongA
SetWindowsHookExA
TileWindows
TrackPopupMenu
TranslateAccelerator
TranslateAcceleratorW
UnloadKeyboardLayout
UnregisterClassA
UnregisterDeviceNotification
UpdateWindow
wsprintfA
ActivateKeyboardLayout
BroadcastSystemMessageW

advapi32

RegOpenKeyExW

ole32

CLIPFORMAT_UserUnmarshal
CLSIDFromProgID
CLSIDFromProgIDEx
CoAllowSetForegroundWindow
CoBuildVersion
CoCancelCall
CoCreateFreeThreadedMarshaler
CoCreateInstance
CoCreateInstanceEx
CoFileTimeToDosDateTime
CoFreeUnusedLibraries
CoGetClassVersion
CoGetCurrentLogicalThreadId
CoGetInstanceFromFile
CoGetInterfaceAndReleaseStream
CoGetMarshalSizeMax
CoGetObject
CoGetStandardMarshal
CoGetTreatAsClass
CoImpersonateClient
CoMarshalHresult
CoReactivateObject
CoRegisterMessageFilter
CoRegisterSurrogateEx
CoReleaseServerProcess
CoRevertToSelf
CoSetProxyBlanket
CoSwitchCallContext
CoTaskMemRealloc
CoUnloadingWOW
CreateAntiMoniker
CreateBindCtx
CreateFileMoniker
CreateGenericComposite
CreateObjrefMoniker
DllDebugObjectRPCHook
HBITMAP_UserMarshal
HBRUSH_UserMarshal
HDC_UserSize
HGLOBAL_UserMarshal
HICON_UserSize
HICON_UserUnmarshal
HMENU_UserUnmarshal
HMETAFILEPICT_UserMarshal
HMETAFILE_UserMarshal
HMETAFILE_UserUnmarshal
HPALETTE_UserSize
HWND_UserUnmarshal
IsAccelerator
MkParseDisplayName
MonikerRelativePathTo
OleConvertIStorageToOLESTREAM
OleCreate
OleCreateEmbeddingHelper
OleCreateLinkToFile
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleGetClipboard
OleGetIconOfFile
OleInitializeWOW
OleNoteObjectVisible
OleRegGetUserType
OleRun
OleSaveToStream
PropStgNameToFmtId
PropVariantClear
ReadClassStg
SNB_UserFree
StgConvertPropertyToVariant
StgConvertVariantToProperty
StgCreatePropSetStg
StgGetIFillLockBytesOnFile
StgGetIFillLockBytesOnILockBytes
StgOpenAsyncDocfileOnIFillLockBytes
StgPropertyLengthAsVariant
StgSetTimes
UtConvertDvtd16toDvtd32
UtConvertDvtd32toDvtd16
UtGetDvtd16Info
UtGetDvtd32Info
WdtpInterfacePointer_UserSize
WriteClassStm
WriteStringStream

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ttt
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b84c5bb52014d83fc5e6534e392dea2a

Code Sign

50:b6:ed:79:a1:ec:4e:62:bc:33:32:46:3e:eb:9e:2dCertificate

Extended Key Usages

2d:cc:94:fd:b5:cc:15:4d:c0:c5:af:91:e8:2f:f0:91:3d:29:c9:4aSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 9KB - Virtual size: 9KB

.ttt Size: 103KB - Virtual size: 102KB

.data Size: 512B - Virtual size: 172B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 261KB

50:b6:ed:79:a1:ec:4e:62:bc:33:32:46:3e:eb:9e:2d
Certificate

2d:cc:94:fd:b5:cc:15:4d:c0:c5:af:91:e8:2f:f0:91:3d:29:c9:4a
Signer

.text
Size: 9KB - Virtual size: 9KB

.ttt
Size: 103KB - Virtual size: 102KB

.data
Size: 512B - Virtual size: 172B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 261KB