855c18866458135ffc6d41f7e573f52a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

855c18866458135ffc6d41f7e573f52a_JaffaCakes118
Size

40KB
MD5

855c18866458135ffc6d41f7e573f52a
SHA1

93353115e7eca06275b311c49846ea0a064a3d95
SHA256

eeb9305a427202ba2eabeca5dc1e848f39180559d3a904372b0a76dea54732c3
SHA512

5e6478feafdf54b59a7a0275cbb581b30f568352a25ad5a7a13868d7a3b969350c91b8fbb871da53fddeeca4a25278e4bbc6ee1215101226ad26d46e06ff790b
SSDEEP

768:RxvUvlV9+ZHFsF4tEIGSF+jy/x4Ik8V/ROhiM4a9Djq95OUU:kvlD0tEdSz/Gb8V/ROhiODjyc

Score

1^/10

Malware Config

Signatures

Files

855c18866458135ffc6d41f7e573f52a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fa2323e3dfa24b58209c71bbc0d22ec

Code Sign

3a:db:3d:b1:a9:03:4e:45:b8:41:47:0b:ed:13:f0:d1
Certificate

Issuer

CN=7Tltl41ROBKK

Not Before

17/03/2012, 06:09

Not After

31/12/2039, 23:59

Subject

CN=7Tltl41ROBKK

Extended Key Usages

ExtKeyUsageCodeSigning

55:41:95:23:20:03:a3:1b:11:66:02:37:6b:b8:66:33:09:0a:e1:5a
Signer

Actual PE Digest

55:41:95:23:20:03:a3:1b:11:66:02:37:6b:b8:66:33:09:0a:e1:5a

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDriveStringsA
LoadLibraryA
GetProcAddress
LoadLibraryW
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
PostQueuedCompletionStatus
WinExec
BuildCommDCBAndTimeoutsW
OpenMutexW
CreateJobObjectA
CreateFileW
GetFileAttributesExW
GetTapeParameters
GetShortPathNameW
GetStringTypeExA
HeapAlloc
RaiseException
WritePrivateProfileStructA
LoadLibraryExA
GetSystemTime
SystemTimeToFileTime
LockFileEx
GetProfileIntA
CreateWaitableTimerA
GetCommandLineW
GetAtomNameW
CommConfigDialogW
GetEnvironmentVariableA
Heap32ListNext
SetProcessWorkingSetSize
EnumLanguageGroupLocalesW
SetSystemTimeAdjustment
VerLanguageNameA
OpenJobObjectW
FindCloseChangeNotification
GetStartupInfoA
Thread32Next
AddConsoleAliasA
SetComputerNameA
GetCPInfoExA
GetFullPathNameA
UnlockFile
FreeLibrary
GetCurrentConsoleFont
GetComputerNameA
EnumResourceTypesA
CancelWaitableTimer
BackupWrite
GetStringTypeA
WritePrivateProfileSectionW
ReadConsoleA
FillConsoleOutputAttribute
GetTapeStatus
VerifyVersionInfoA
ReadConsoleOutputCharacterW
SetDefaultCommConfigA
FindNextVolumeMountPointA
VirtualProtectEx
GetComputerNameExA
GetLocaleInfoA
AddAtomA
WriteTapemark
GetVolumeNameForVolumeMountPointW
FindResourceExW
Heap32First
ClearCommError
CreateHardLinkA
GetLongPathNameW
SetPriorityClass
ContinueDebugEvent
GetHandleInformation
BuildCommDCBA
SetLastError
WriteProcessMemory
FreeConsole
TransactNamedPipe
GetFileAttributesW
MapViewOfFileEx
GetEnvironmentStringsA
lstrlenW
SignalObjectAndWait
SetComputerNameW
GetDevicePowerState
CreateSemaphoreA
SetThreadAffinityMask
OpenMutexA
FindResourceW
GetEnvironmentStringsW
DeleteVolumeMountPointW
CreateDirectoryExW
CreateIoCompletionPort
VirtualProtect
GetSystemWindowsDirectoryA
GetEnvironmentVariableW
GetLocalTime
SetThreadContext

user32

CharNextA
LoadCursorFromFileW
AnimateWindow
IsHungAppWindow
CharUpperBuffW
ChangeDisplaySettingsA
wsprintfA
CreatePopupMenu
IsCharAlphaW
GetParent
TrackPopupMenu
CreateWindowStationA
GetMenuDefaultItem
DrawEdge
SendDlgItemMessageW
GetWindowInfo
DdeCreateStringHandleA
IsRectEmpty
SetWindowsHookW
GetMenuStringA
ToUnicode
GetCapture
DrawIconEx
GetKeyNameTextW
IsWindowVisible
GetMonitorInfoA
LoadMenuW
DefFrameProcA
SetWindowsHookExA
EqualRect
EnumThreadWindows
DlgDirListComboBoxW
GetCaretPos
SwitchToThisWindow
DdeUninitialize
SetDlgItemTextW
SetWindowTextA
DlgDirSelectComboBoxExA
SendMessageCallbackW
DdeConnect
CheckMenuRadioItem
GetWindowRect
CheckRadioButton
GetAncestor
GetNextDlgTabItem
ShowScrollBar
CharToOemBuffW
UpdateWindow
DlgDirSelectExW
MessageBeep
LoadCursorA
GetComboBoxInfo
OpenWindowStationW
CharPrevExA
BroadcastSystemMessageA
GetKeyboardLayoutNameA
CharLowerA
DefWindowProcW
IsDialogMessageA
GetKeyNameTextA
PostThreadMessageA
RemovePropW
GetMenuItemInfoA
EndMenu
SetTimer
DefDlgProcW
FreeDDElParam
SetWindowRgn
SetRectEmpty
ToAsciiEx
MoveWindow
GetAsyncKeyState
GetTopWindow
SetWindowPos
PackDDElParam
DdeDisconnectList
WindowFromDC
LoadImageW
DdeAbandonTransaction
GrayStringA
SetActiveWindow
TranslateAcceleratorW
GetMenuItemInfoW
OpenWindowStationA
EnumDisplayMonitors
IsWindow
CreateDialogParamA
GetWindowThreadProcessId
GetPropA
wsprintfW
DdeClientTransaction
CascadeChildWindows
GetWindowTextW
GetKBCodePage
GetMenuCheckMarkDimensions
GetWindowLongA

gdi32

OffsetViewportOrgEx
SetViewportExtEx
GetStretchBltMode
SetLayoutWidth
GetCharWidthW
GdiFlush
GetMetaFileA
GdiDllInitialize
GetGlyphOutline
CreateEllipticRgnIndirect
PtVisible
GetClipBox
SetBoundsRect
GetEnhMetaFileBits
SetPolyFillMode
GdiEntry4
EngFindResource
SetMetaFileBitsEx
EngCreateDeviceBitmap
GdiEntry14
GetRegionData
GetMetaFileW
CreateEnhMetaFileA
EngDeletePalette
AddFontResourceExA
GetNearestPaletteIndex
StrokeAndFillPath
SetPixelFormat
CreatePolygonRgn
XFORMOBJ_bApplyXform
CreateRoundRectRgn
GdiEntry5
GdiGetSpoolMessage
GdiEndPageEMF
GdiConsoleTextOut
GetArcDirection
EndDoc
ExtCreatePen
GdiEntry6
PATHOBJ_vEnumStartClipLines
RemoveFontResourceExA
EqualRgn
GdiProcessSetup
CreateScalableFontResourceW
cGetTTFFromFOT
GetCharWidthInfo
PathToRegion
Polygon
GdiCleanCacheDC
PolyPolyline
LPtoDP
SetMagicColors
GdiCreateLocalEnhMetaFile
GetEUDCTimeStampExW
CreateCompatibleBitmap
CLIPOBJ_ppoGetPath
GetPath
SaveDC
FrameRgn
ResetDCA
GdiDeleteLocalDC
GdiGetPageHandle
ExtFloodFill
GetBkColor
EngComputeGlyphSet
GetTextExtentExPointWPri
GetPolyFillMode
GdiGetCodePage
GdiValidateHandle
GetOutlineTextMetricsW
CreateBrushIndirect
GetStringBitmapA
CopyEnhMetaFileA
CancelDC
EngStretchBltROP
EngCheckAbort
IntersectClipRect
GetTextMetricsA
GdiStartDocEMF
CreateEnhMetaFileW
GdiEntry8
GetAspectRatioFilterEx
GetTextExtentPointI
PlgBlt
SetBitmapDimensionEx
PolylineTo
FlattenPath
GetWinMetaFileBits
DeviceCapabilitiesExA
GdiConvertEnhMetaFile
GetColorAdjustment

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fa2323e3dfa24b58209c71bbc0d22ec

Code Sign

3a:db:3d:b1:a9:03:4e:45:b8:41:47:0b:ed:13:f0:d1Certificate

Extended Key Usages

55:41:95:23:20:03:a3:1b:11:66:02:37:6b:b8:66:33:09:0a:e1:5aSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 21KB - Virtual size: 20KB

.text4 Size: 1024B - Virtual size: 1000B

.text3 Size: 1024B - Virtual size: 1000B

.text2 Size: 1KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

3a:db:3d:b1:a9:03:4e:45:b8:41:47:0b:ed:13:f0:d1
Certificate

55:41:95:23:20:03:a3:1b:11:66:02:37:6b:b8:66:33:09:0a:e1:5a
Signer

.text
Size: 21KB - Virtual size: 20KB

.text4
Size: 1024B - Virtual size: 1000B

.text3
Size: 1024B - Virtual size: 1000B

.text2
Size: 1KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB