853153f385d6b29e4180f7a8fcff66d7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

853153f385d6b29e4180f7a8fcff66d7_JaffaCakes118
Size

321KB
MD5

853153f385d6b29e4180f7a8fcff66d7
SHA1

2939b3893f041599a8d0feebdfa49c6525baecd6
SHA256

fd90b6bd20b0505c398b5f8b1696cf2aa91d6e3860cbfe5f09872de0aaa5873d
SHA512

2381023a5a5f8d03756e485e8ee44c452dd9c921e7888a29b98187c742efe6c31c0c90edf2a2034603636be2d1a6ce15b1dcec65a4afc21ea29e10578f1969df
SSDEEP

6144:KwTTuug4DQC6ziRo0sYXk7Dm5TsCQIaNEN4xxgBAixuqFsE6a8ZN:fppF6K1dyUIIaNniBAnq+nag

Score

1^/10

Malware Config

Signatures

Files

853153f385d6b29e4180f7a8fcff66d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55904a9d93ef1744035f5cb61bd03e3a

Code Sign

51:64:c3:9c:dc:c6:fc:95:42:d7:cd:5c:bf:8d:64:ee
Certificate

Issuer

CN=23612

Not Before

03/02/2012, 15:38

Not After

31/12/2039, 23:59

Subject

CN=23612

Extended Key Usages

ExtKeyUsageCodeSigning

61:3e:b5:cb:74:0a:3c:a2:94:25:4a:4d:7a:68:94:03:f9:32:be:57
Signer

Actual PE Digest

61:3e:b5:cb:74:0a:3c:a2:94:25:4a:4d:7a:68:94:03:f9:32:be:57

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetThreadLocale
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
VerSetConditionMask
ClearCommError
GetTimeFormatW
CompareStringA
LoadLibraryExA
UpdateResourceA
SetConsoleCursorInfo
GetSystemInfo
FlushConsoleInputBuffer
GetTempPathW
FindResourceExA
GlobalFindAtomW
GlobalAlloc
SystemTimeToFileTime
GetModuleHandleA
WaitForMultipleObjects
DeleteFileW
GetFileInformationByHandle
lstrcat
CreateProcessW
GetPrivateProfileSectionNamesA
GetConsoleAliasExesA
DosDateTimeToFileTime
PostQueuedCompletionStatus
ReadDirectoryChangesW
GetProcessVersion
SetProcessPriorityBoost
GetUserDefaultLCID
Module32NextW
EnumDateFormatsExW
SetProcessAffinityMask
UnregisterWait
lstrcmpA
SetComputerNameExW
GetDriveTypeA
EnumTimeFormatsA
GetTapeParameters
FindCloseChangeNotification
OpenJobObjectW
SetConsoleDisplayMode
EnumSystemLanguageGroupsA
CreateMailslotA
GetConsoleAliasA
GlobalFlags
GlobalAddAtomW
DeleteFiber
MapUserPhysicalPages
GetCurrencyFormatA
SetUnhandledExceptionFilter
EnumCalendarInfoExA
CreateHardLinkW
UnregisterWaitEx
GetSystemTimeAsFileTime
InterlockedExchangeAdd
MoveFileW
GetFileAttributesExA
CompareStringW
DeleteVolumeMountPointA
SetSystemTime
GetBinaryTypeA
ReadFile
GetProfileStringA
GetVolumePathNameW
IsProcessorFeaturePresent
VerifyVersionInfoW
GetSystemWindowsDirectoryW
FreeConsole
CancelTimerQueueTimer
FindFirstChangeNotificationA
LockResource
ProcessIdToSessionId
FileTimeToLocalFileTime
DefineDosDeviceA
EnumResourceLanguagesW
SetLocaleInfoW
GetConsoleWindow
GetConsoleCP
InitializeCriticalSection
GetSystemDefaultLangID
EnumResourceTypesA
FindFirstFileW
RtlFillMemory
OpenSemaphoreA
HeapValidate
UpdateResourceW
CreateRemoteThread
HeapAlloc
FreeUserPhysicalPages
GlobalFix

user32

LoadIconW
ChangeDisplaySettingsA
GetKeyState
DefWindowProcW
GetProcessDefaultLayout
CreateDialogParamA
DlgDirListW
WINNLSGetIMEHotkey
EnumDesktopsW
SendMessageA
EndTask
GetMenuStringW
GetWindowLongA
SetParent
DdeNameService
CharUpperBuffA
SetPropA
DlgDirSelectExA
UnregisterClassA
GetWindowTextLengthA
CharToOemBuffW
ScreenToClient
SetMenuItemBitmaps
GetCursorInfo
DdeUnaccessData
WINNLSGetEnableStatus
IsChild
OpenDesktopA
GetUpdateRect
GetLastActivePopup
VkKeyScanExW
CreateWindowExW
LoadBitmapW
IsClipboardFormatAvailable
OemKeyScan
SetWindowsHookExW
LookupIconIdFromDirectoryEx
DeleteMenu
SetCapture
InSendMessageEx
GetClipboardFormatNameA
VkKeyScanW
LoadMenuIndirectW
CascadeWindows
IsWindowUnicode
DialogBoxIndirectParamW
CreateAcceleratorTableW
DdeUninitialize
ToAscii
IsRectEmpty
GrayStringW
GetAltTabInfoA
SetWindowsHookW
LoadCursorA
ChildWindowFromPointEx
OpenWindowStationW
GetMenuStringA
IMPGetIMEA
EnumWindows
DrawStateW
ShowCursor
GetMenuItemInfoW
DestroyWindow
RegisterShellHookWindow
SetProcessDefaultLayout
DefDlgProcA
InvalidateRect
SendMessageCallbackA
RemoveMenu
PostThreadMessageW
SetWindowWord
SetSystemCursor
IsCharAlphaW
SetUserObjectInformationA
ShowOwnedPopups
GetCursor
EmptyClipboard
CharNextExA
GetClientRect
CharToOemBuffA
TrackPopupMenu
IntersectRect
ValidateRgn
DialogBoxParamW
GetTitleBarInfo
UnhookWindowsHookEx
SetWindowsHookA
GetClipboardData
CreateIconFromResource
GetMenuContextHelpId
SetDeskWallpaper
CharUpperBuffW
ActivateKeyboardLayout

advapi32

RegOpenKeyExW

ole32

CoDisableCallCancellation
CoEnableCallCancellation
OleFlushClipboard
HICON_UserFree
OleLoad
OleMetafilePictFromIconAndLabel
CreateObjrefMoniker
CLIPFORMAT_UserMarshal
OleRegGetUserType
CoGetStdMarshalEx
UtConvertDvtd32toDvtd16
CoReactivateObject
CoGetClassObject
STGMEDIUM_UserSize
HBRUSH_UserMarshal
CoUnloadingWOW
StgGetIFillLockBytesOnILockBytes
CoDeactivateObject
SetDocumentBitStg
OleDraw
CoGetObjectContext
HBITMAP_UserSize
CoAddRefServerProcess
OleCreateLinkEx
CoTreatAsClass
WriteClassStm
DllDebugObjectRPCHook
HWND_UserFree
CreateOleAdviseHolder
WriteOleStg
CoTaskMemAlloc
ReadClassStm
OleConvertIStorageToOLESTREAMEx
SNB_UserSize
StgConvertPropertyToVariant
OleLoadFromStream
ReadClassStg
StgIsStorageILockBytes
CoQueryAuthenticationServices
CoGetCancelObject
StgCreateDocfile
OleBuildVersion
OleCreate
CoMarshalInterface
HDC_UserFree
HPALETTE_UserMarshal
OleGetIconOfFile
CoUninitialize
OleCreateFromFile
WriteClassStg
CoLockObjectExternal
GetHookInterface
WdtpInterfacePointer_UserSize
CoRegisterMallocSpy
CoGetTreatAsClass
PropStgNameToFmtId
HBRUSH_UserUnmarshal
StringFromCLSID
WriteFmtUserTypeStg
HACCEL_UserMarshal
STGMEDIUM_UserFree
GetHGlobalFromStream
HENHMETAFILE_UserUnmarshal
CoRevokeMallocSpy
StgCreatePropSetStg
CoCreateObjectInContext
OleSetClipboard
HBITMAP_UserUnmarshal
HACCEL_UserUnmarshal
OleCreateLinkFromData
UtGetDvtd32Info
CoSetProxyBlanket
CoSwitchCallContext
GetDocumentBitStg
CoRegisterSurrogate
CoGetObject
OleGetIconOfClass
OleUninitialize
CoCancelCall
HDC_UserMarshal
OleRegEnumVerbs

Sections

.text
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55904a9d93ef1744035f5cb61bd03e3a

Code Sign

51:64:c3:9c:dc:c6:fc:95:42:d7:cd:5c:bf:8d:64:eeCertificate

Extended Key Usages

61:3e:b5:cb:74:0a:3c:a2:94:25:4a:4d:7a:68:94:03:f9:32:be:57Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 304KB - Virtual size: 304KB

.text2 Size: 1KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

51:64:c3:9c:dc:c6:fc:95:42:d7:cd:5c:bf:8d:64:ee
Certificate

61:3e:b5:cb:74:0a:3c:a2:94:25:4a:4d:7a:68:94:03:f9:32:be:57
Signer

.text
Size: 304KB - Virtual size: 304KB

.text2
Size: 1KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB