89d2d23844902005194ed7e9db2153ae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

89d2d23844902005194ed7e9db2153ae_JaffaCakes118
Size

70KB
MD5

89d2d23844902005194ed7e9db2153ae
SHA1

59bfd3ce172efc68ec8ccd09f050ce830c74bda9
SHA256

c71ac382d40b1057fa5dbc543d7fc9def06d8aba89e1322d1a6251aac8bb81a7
SHA512

653f046b623e4ef1a7e2dc36e6df7b0db71c451861554b55a0ee77c984479ec1e1dc25fe89771230b351adf809095b15cd4a8505d234fbe2b0580cb098b391b5
SSDEEP

1536:yOXpn112bEXiJGV1PYumkMCxXY05QVRKBcr9qnK:yE1CENgumjC5YXRKBcWK

Score

1^/10

Malware Config

Signatures

Files

89d2d23844902005194ed7e9db2153ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c679075c18d274779aff6c72f9ce90ca

Code Sign

5a:9e:b3:65:ce:d2:dc:4a:b8:18:06:e0:1b:eb:e0:a1
Certificate

Issuer

CN=UD48SN2pZFYF

Not Before

13/03/2012, 06:18

Not After

31/12/2039, 23:59

Subject

CN=UD48SN2pZFYF

Extended Key Usages

ExtKeyUsageCodeSigning

8a:91:b1:40:c8:5e:a2:98:14:5a:bd:03:ed:bc:6a:ca:28:d7:9d:60
Signer

Actual PE Digest

8a:91:b1:40:c8:5e:a2:98:14:5a:bd:03:ed:bc:6a:ca:28:d7:9d:60

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
GetComputerNameA

user32

GetSysColorBrush
EndDeferWindowPos
CallWindowProcW
ActivateKeyboardLayout
DrawTextExA
ShowCaret
GetMenuCheckMarkDimensions
ScreenToClient
LoadMenuIndirectW
OemKeyScan
CheckMenuItem
DdeGetData
DdeKeepStringHandle
TrackPopupMenu
CascadeWindows
SetWindowTextW
GetKeyboardState
EndDialog
LoadCursorA
GetSystemMetrics
PostQuitMessage
DrawTextW
DdeQueryNextServer
ModifyMenuA
GetIconInfo
DdeUnaccessData
GetScrollRange
IsCharUpperW
ValidateRgn
DestroyWindow
GrayStringW
DestroyCursor
CharPrevW
ChangeDisplaySettingsExW
ReuseDDElParam
FindWindowA
RegisterHotKey
SetActiveWindow
GetCaretPos
ChildWindowFromPointEx
SetSystemCursor
IMPSetIMEW
SetUserObjectSecurity
ScrollWindowEx
ToAsciiEx
DefDlgProcA
SwapMouseButton
OemToCharA
GetWindowTextLengthA
SetProcessDefaultLayout
LookupIconIdFromDirectoryEx
SetDebugErrorLevel
IsWindowEnabled
SetRectEmpty
GetClipboardFormatNameA
CreateDialogParamA
GetDlgItemTextW
FlashWindow
MonitorFromRect
DlgDirSelectExA
GetWindow
IsClipboardFormatAvailable
DrawIcon
LoadStringA
SendMessageTimeoutA
CreateIconFromResourceEx
CreateIcon
RegisterClassExW
MessageBoxExW
CopyAcceleratorTableW
SetUserObjectInformationA
DeferWindowPos
CloseClipboard
IsRectEmpty
CreateWindowStationW
WINNLSEnableIME
DestroyIcon
ShowWindow
MessageBoxA
EnumWindowStationsW
OemToCharW
ModifyMenuW
GetKBCodePage
GetUserObjectInformationA
GetMenu
FindWindowExA
DlgDirListW
GrayStringA
InvertRect
SetPropW
BeginDeferWindowPos
LoadIconA

comdlg32

ChooseColorA
ReplaceTextA
PageSetupDlgW
ChooseFontA
PrintDlgA
GetSaveFileNameW
GetFileTitleA
GetOpenFileNameW
PrintDlgExA
PageSetupDlgA
PrintDlgExW
FindTextW
GetFileTitleW
ChooseFontW
FindTextA
ChooseColorW
GetSaveFileNameA
CommDlgExtendedError
ReplaceTextW
GetOpenFileNameA
PrintDlgW

advapi32

RegOpenKeyExA
RegQueryValueExA

shlwapi

PathFindSuffixArrayW
PathIsRootA
SHRegGetUSValueA
PathIsURLA
SHQueryInfoKeyA
SHRegDeleteUSValueA
StrCpyNW
wvnsprintfW
StrCmpNA
PathRemoveFileSpecA
SHRegEnumUSKeyA
UrlIsNoHistoryW
AssocQueryKeyA
PathGetCharTypeW
StrStrIW
PathIsURLW
SHStrDupA
SHRegSetUSValueA
PathIsUNCServerShareW
SHDeleteKeyA
UrlIsOpaqueW
StrCSpnA
PathCompactPathExW
PathIsUNCA
SHCreateShellPalette
SHGetThreadRef
PathFileExistsA
SHDeleteKeyW
StrFormatKBSizeW
PathUnExpandEnvStringsW
SHGetInverseCMAP
StrTrimA
PathIsDirectoryW
PathUnquoteSpacesW
wnsprintfA
SHCreateStreamOnFileA
StrNCatW
StrCmpNIW
SHSetValueA
PathStripToRootW
ColorHLSToRGB
AssocQueryStringByKeyA
PathCanonicalizeW
SHEnumKeyExW
StrRChrW
PathIsRootW
PathCompactPathA
SHRegQueryUSValueA
SHRegQueryInfoUSKeyW
StrChrIW
PathFindFileNameW
SHRegGetBoolUSValueW
PathIsContentTypeA
SHRegDeleteEmptyUSKeyW
SHOpenRegStreamA
PathCombineW
PathCompactPathExA
PathStripPathA
PathUnquoteSpacesA
StrStrW
PathRelativePathToW
PathIsDirectoryA
StrCmpW
PathIsSystemFolderW
PathIsRelativeW
StrToIntA
UrlCombineA
StrPBrkW
StrFromTimeIntervalW
PathParseIconLocationA
PathUndecorateW
StrCpyW
UrlCompareW
PathIsUNCServerShareA
ord16
AssocQueryStringByKeyW
SHQueryValueExW
PathIsSameRootW
StrRStrIW
SHStrDupW
SHRegSetPathW
StrRChrIW
SHRegOpenUSKeyW
PathRemoveBackslashA
UrlCanonicalizeA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.d2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d1
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c679075c18d274779aff6c72f9ce90ca

Code Sign

5a:9e:b3:65:ce:d2:dc:4a:b8:18:06:e0:1b:eb:e0:a1Certificate

Extended Key Usages

8a:91:b1:40:c8:5e:a2:98:14:5a:bd:03:ed:bc:6a:ca:28:d7:9d:60Signer

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shlwapi

Sections

.text Size: 3KB - Virtual size: 3KB

.d2 Size: 1024B - Virtual size: 1000B

.d1 Size: 41KB - Virtual size: 40KB

.data Size: 6KB - Virtual size: 5KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 1KB - Virtual size: 1KB

5a:9e:b3:65:ce:d2:dc:4a:b8:18:06:e0:1b:eb:e0:a1
Certificate

8a:91:b1:40:c8:5e:a2:98:14:5a:bd:03:ed:bc:6a:ca:28:d7:9d:60
Signer

.text
Size: 3KB - Virtual size: 3KB

.d2
Size: 1024B - Virtual size: 1000B

.d1
Size: 41KB - Virtual size: 40KB

.data
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 1KB - Virtual size: 1KB