85f60708ffbbec97aa71eebb00dcd0e2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

85f60708ffbbec97aa71eebb00dcd0e2_JaffaCakes118
Size

321KB
MD5

85f60708ffbbec97aa71eebb00dcd0e2
SHA1

b34671c1e34184a31b734acb61b6131736208bb5
SHA256

95d8bbaf14c46100684f502055399d5ed5d4fc34986f1660386d68fe5001e0cc
SHA512

920b5e8cdc774cd48585644026135b25030b299899e3ac4930617446c513d2b28ada435002b76a9184faa935bf4a41290c3539f67640b14f2b3faf32ee12a739
SSDEEP

6144:iwTTu7g4DQC6ziRo0sYXkADm5TsCQIaNEN4xxgB3ixuqFsE6aMhZDw:nopF6K1dzUIIaNniB3nq+nah

Score

1^/10

Malware Config

Signatures

Files

85f60708ffbbec97aa71eebb00dcd0e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55904a9d93ef1744035f5cb61bd03e3a

Code Sign

51:64:c3:9c:dc:c6:fc:95:42:d7:cd:5c:bf:8d:64:ee
Certificate

Issuer

CN=23612

Not Before

03-02-2012 15:38

Not After

31-12-2039 23:59

Subject

CN=23612

Extended Key Usages

ExtKeyUsageCodeSigning

df:1c:f0:cf:bd:14:0f:be:b6:b1:03:e6:4c:ca:d4:6a:29:49:a3:b3
Signer

Actual PE Digest

df:1c:f0:cf:bd:14:0f:be:b6:b1:03:e6:4c:ca:d4:6a:29:49:a3:b3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetThreadLocale
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
VerSetConditionMask
ClearCommError
GetTimeFormatW
CompareStringA
LoadLibraryExA
UpdateResourceA
SetConsoleCursorInfo
GetSystemInfo
FlushConsoleInputBuffer
GetTempPathW
FindResourceExA
GlobalFindAtomW
GlobalAlloc
SystemTimeToFileTime
GetModuleHandleA
WaitForMultipleObjects
DeleteFileW
GetFileInformationByHandle
lstrcat
CreateProcessW
GetPrivateProfileSectionNamesA
GetConsoleAliasExesA
DosDateTimeToFileTime
PostQueuedCompletionStatus
ReadDirectoryChangesW
GetProcessVersion
SetProcessPriorityBoost
GetUserDefaultLCID
Module32NextW
EnumDateFormatsExW
SetProcessAffinityMask
UnregisterWait
lstrcmpA
SetComputerNameExW
GetDriveTypeA
EnumTimeFormatsA
GetTapeParameters
FindCloseChangeNotification
OpenJobObjectW
SetConsoleDisplayMode
EnumSystemLanguageGroupsA
CreateMailslotA
GetConsoleAliasA
GlobalFlags
GlobalAddAtomW
DeleteFiber
MapUserPhysicalPages
GetCurrencyFormatA
SetUnhandledExceptionFilter
EnumCalendarInfoExA
CreateHardLinkW
UnregisterWaitEx
GetSystemTimeAsFileTime
InterlockedExchangeAdd
MoveFileW
GetFileAttributesExA
CompareStringW
DeleteVolumeMountPointA
SetSystemTime
GetBinaryTypeA
ReadFile
GetProfileStringA
GetVolumePathNameW
IsProcessorFeaturePresent
VerifyVersionInfoW
GetSystemWindowsDirectoryW
FreeConsole
CancelTimerQueueTimer
FindFirstChangeNotificationA
LockResource
ProcessIdToSessionId
FileTimeToLocalFileTime
DefineDosDeviceA
EnumResourceLanguagesW
SetLocaleInfoW
GetConsoleWindow
GetConsoleCP
InitializeCriticalSection
GetSystemDefaultLangID
EnumResourceTypesA
FindFirstFileW
RtlFillMemory
OpenSemaphoreA
HeapValidate
UpdateResourceW
CreateRemoteThread
HeapAlloc
FreeUserPhysicalPages
GlobalFix

user32

LoadIconW
ChangeDisplaySettingsA
GetKeyState
DefWindowProcW
GetProcessDefaultLayout
CreateDialogParamA
DlgDirListW
WINNLSGetIMEHotkey
EnumDesktopsW
SendMessageA
EndTask
GetMenuStringW
GetWindowLongA
SetParent
DdeNameService
CharUpperBuffA
SetPropA
DlgDirSelectExA
UnregisterClassA
GetWindowTextLengthA
CharToOemBuffW
ScreenToClient
SetMenuItemBitmaps
GetCursorInfo
DdeUnaccessData
WINNLSGetEnableStatus
IsChild
OpenDesktopA
GetUpdateRect
GetLastActivePopup
VkKeyScanExW
CreateWindowExW
LoadBitmapW
IsClipboardFormatAvailable
OemKeyScan
SetWindowsHookExW
LookupIconIdFromDirectoryEx
DeleteMenu
SetCapture
InSendMessageEx
GetClipboardFormatNameA
VkKeyScanW
LoadMenuIndirectW
CascadeWindows
IsWindowUnicode
DialogBoxIndirectParamW
CreateAcceleratorTableW
DdeUninitialize
ToAscii
IsRectEmpty
GrayStringW
GetAltTabInfoA
SetWindowsHookW
LoadCursorA
ChildWindowFromPointEx
OpenWindowStationW
GetMenuStringA
IMPGetIMEA
EnumWindows
DrawStateW
ShowCursor
GetMenuItemInfoW
DestroyWindow
RegisterShellHookWindow
SetProcessDefaultLayout
DefDlgProcA
InvalidateRect
SendMessageCallbackA
RemoveMenu
PostThreadMessageW
SetWindowWord
SetSystemCursor
IsCharAlphaW
SetUserObjectInformationA
ShowOwnedPopups
GetCursor
EmptyClipboard
CharNextExA
GetClientRect
CharToOemBuffA
TrackPopupMenu
IntersectRect
ValidateRgn
DialogBoxParamW
GetTitleBarInfo
UnhookWindowsHookEx
SetWindowsHookA
GetClipboardData
CreateIconFromResource
GetMenuContextHelpId
SetDeskWallpaper
CharUpperBuffW
ActivateKeyboardLayout

advapi32

RegOpenKeyExW

ole32

CoDisableCallCancellation
CoEnableCallCancellation
OleFlushClipboard
HICON_UserFree
OleLoad
OleMetafilePictFromIconAndLabel
CreateObjrefMoniker
CLIPFORMAT_UserMarshal
OleRegGetUserType
CoGetStdMarshalEx
UtConvertDvtd32toDvtd16
CoReactivateObject
CoGetClassObject
STGMEDIUM_UserSize
HBRUSH_UserMarshal
CoUnloadingWOW
StgGetIFillLockBytesOnILockBytes
CoDeactivateObject
SetDocumentBitStg
OleDraw
CoGetObjectContext
HBITMAP_UserSize
CoAddRefServerProcess
OleCreateLinkEx
CoTreatAsClass
WriteClassStm
DllDebugObjectRPCHook
HWND_UserFree
CreateOleAdviseHolder
WriteOleStg
CoTaskMemAlloc
ReadClassStm
OleConvertIStorageToOLESTREAMEx
SNB_UserSize
StgConvertPropertyToVariant
OleLoadFromStream
ReadClassStg
StgIsStorageILockBytes
CoQueryAuthenticationServices
CoGetCancelObject
StgCreateDocfile
OleBuildVersion
OleCreate
CoMarshalInterface
HDC_UserFree
HPALETTE_UserMarshal
OleGetIconOfFile
CoUninitialize
OleCreateFromFile
WriteClassStg
CoLockObjectExternal
GetHookInterface
WdtpInterfacePointer_UserSize
CoRegisterMallocSpy
CoGetTreatAsClass
PropStgNameToFmtId
HBRUSH_UserUnmarshal
StringFromCLSID
WriteFmtUserTypeStg
HACCEL_UserMarshal
STGMEDIUM_UserFree
GetHGlobalFromStream
HENHMETAFILE_UserUnmarshal
CoRevokeMallocSpy
StgCreatePropSetStg
CoCreateObjectInContext
OleSetClipboard
HBITMAP_UserUnmarshal
HACCEL_UserUnmarshal
OleCreateLinkFromData
UtGetDvtd32Info
CoSetProxyBlanket
CoSwitchCallContext
GetDocumentBitStg
CoRegisterSurrogate
CoGetObject
OleGetIconOfClass
OleUninitialize
CoCancelCall
HDC_UserMarshal
OleRegEnumVerbs

Sections

.text
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55904a9d93ef1744035f5cb61bd03e3a

Code Sign

51:64:c3:9c:dc:c6:fc:95:42:d7:cd:5c:bf:8d:64:eeCertificate

Extended Key Usages

df:1c:f0:cf:bd:14:0f:be:b6:b1:03:e6:4c:ca:d4:6a:29:49:a3:b3Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 304KB - Virtual size: 304KB

.text2 Size: 1KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

51:64:c3:9c:dc:c6:fc:95:42:d7:cd:5c:bf:8d:64:ee
Certificate

df:1c:f0:cf:bd:14:0f:be:b6:b1:03:e6:4c:ca:d4:6a:29:49:a3:b3
Signer

.text
Size: 304KB - Virtual size: 304KB

.text2
Size: 1KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB