8a101e031c8abfa4f21b19af3c72072f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8a101e031c8abfa4f21b19af3c72072f_JaffaCakes118
Size

56KB
MD5

8a101e031c8abfa4f21b19af3c72072f
SHA1

35e34e84e54fac7e91bf6cc0bc4ce75f3011c3f7
SHA256

c05655418124d4072a86607d2319920ddce89cb74d0e6ef3023956831df314a0
SHA512

20deb646b237a178972d4272db41c9d69d1f53d72027ef170c6665ca3d77588ad5485770401da9dbf7b4d5ccd0d4cb7357772cf6f88e9db6eb250b1ba23c4fda
SSDEEP

768:zFGCoof+hykTiuGgKhAe/lIWpJApsDSssO+wcSDPnGMEaR2:c9TTiumVIWcIQGDvlEG

Score

1^/10

Malware Config

Signatures

Files

8a101e031c8abfa4f21b19af3c72072f_JaffaCakes118
.dll windows:5 windows x86 arch:x86

89f5fd2a5dccd58e5295da44bbe5dc0a

Code Sign

1c:eb:dc:37:aa:da:65:98:49:49:60:29:ff:08:3c:5a
Certificate

Issuer

CN=ovy75l9gfjeQ

Not Before

12/03/2012, 16:20

Not After

31/12/2039, 23:59

Subject

CN=ovy75l9gfjeQ

Extended Key Usages

ExtKeyUsageCodeSigning

d4:b8:44:07:90:88:03:7e:b3:cd:45:cd:29:0e:0f:53:26:c4:d2:c1
Signer

Actual PE Digest

d4:b8:44:07:90:88:03:7e:b3:cd:45:cd:29:0e:0f:53:26:c4:d2:c1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
InterlockedCompareExchange
lstrcpyA
lstrlenA
GetWindowsDirectoryA
GetProcAddress
CreateFileA
VirtualAlloc
AllocConsole
AssignProcessToJobObject
BeginUpdateResourceW
BuildCommDCBAndTimeoutsA
BuildCommDCBAndTimeoutsW
CancelTimerQueueTimer
CloseHandle
ConnectNamedPipe
CopyFileW
CreateHardLinkA
CreateIoCompletionPort
CreateJobObjectA
CreateMutexW
CreateNamedPipeA
CreateRemoteThread
DebugActiveProcess
DeleteTimerQueueTimer
ExitThread
FatalAppExitA
FileTimeToDosDateTime
FindAtomA
FindFirstChangeNotificationW
FindFirstFileExA
FindVolumeClose
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
GetCPInfo
GetCommProperties
GetCompressedFileSizeA
GetConsoleTitleA
GetConsoleWindow
GetCurrentConsoleFont
GetCurrentThread
GetDiskFreeSpaceExA
GetEnvironmentStringsA
GetEnvironmentVariableA
GetFileSize
GetFileType
GetLongPathNameA
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetPrivateProfileSectionNamesW
GetPrivateProfileStringW
GetPrivateProfileStructA
GetProcessShutdownParameters
GetProfileSectionA
GetStdHandle
GetSystemWindowsDirectoryW
GetTapePosition
GetThreadSelectorEntry
GlobalFindAtomW
GlobalGetAtomNameW
GlobalMemoryStatusEx
GlobalReAlloc
GlobalUnWire
Heap32ListFirst
InterlockedDecrement
IsBadStringPtrA
IsDebuggerPresent
LocalFileTimeToFileTime
LocalHandle
LocalUnlock
MapUserPhysicalPages
Module32NextW
MultiByteToWideChar
OpenFileMappingW
OpenWaitableTimerW
PeekConsoleInputA
PeekNamedPipe
PostQueuedCompletionStatus
Process32Next
ProcessIdToSessionId
PurgeComm
ReadProcessMemory
ReplaceFile
RequestDeviceWakeup
ResetWriteWatch
SetCommBreak
SetComputerNameExW
SetDefaultCommConfigW
SetEnvironmentVariableA
SetFileTime
SetTimerQueueTimer
SetVolumeLabelW
SetupComm
TerminateProcess
Thread32First
UpdateResourceA
WriteConsoleOutputA
_hread
_lclose
_lwrite
lstrcat
lstrcpyn

user32

RemoveMenu
ScreenToClient
SendNotifyMessageW
SetActiveWindow
SetCapture
SetClipboardViewer
SetDlgItemInt
SetKeyboardState
SetMenu
SetPropA
SetRectEmpty
SetShellWindow
SetThreadDesktop
SetWinEventHook
SetWindowRgn
SetWindowsHookExA
ShowOwnedPopups
SubtractRect
SystemParametersInfoW
TrackMouseEvent
TranslateAcceleratorW
TranslateMDISysAccel
UnregisterDeviceNotification
WINNLSGetEnableStatus
mouse_event
ReleaseDC
ReleaseCapture
RegisterClassExA
PaintDesktop
MessageBoxIndirectW
MapDialogRect
LoadKeyboardLayoutA
LoadIconW
LoadCursorA
LoadAcceleratorsW
IsCharLowerW
IsCharLowerA
HiliteMenuItem
HideCaret
GrayStringW
GetScrollBarInfo
GetQueueStatus
GetPropW
GetMonitorInfoA
GetMenuStringW
GetMenuContextHelpId
GetLastInputInfo
GetLastActivePopup
GetKeyboardLayoutNameW
GetFocus
GetDlgCtrlID
GetDesktopWindow
GetComboBoxInfo
GetClipboardData
GetClassWord
GetClassNameA
GetClassInfoExA
GetAsyncKeyState
GetAncestor
GetAltTabInfoW
GetAltTabInfoA
EnumThreadWindows
EnumDisplaySettingsW
EnumChildWindows
EnableMenuItem
DrawTextExW
DrawIconEx
DlgDirListComboBoxW
DispatchMessageW
DestroyWindow
DestroyCaret
DeregisterShellHookWindow
DefWindowProcW
DefWindowProcA
DefFrameProcA
DdeQueryNextServer
DdeGetLastError
DdeCreateDataHandle
DdeConnectList
DdeAddData
CreateIconIndirect
CreateDialogParamW
CopyImage
CloseClipboard
CheckMenuRadioItem
ChangeDisplaySettingsExW
ChangeClipboardChain
CascadeWindows
ArrangeIconicWindows
EndMenu

shell32

SHEmptyRecycleBinW
Shell_NotifyIcon
ShellHookProc
ShellExecuteExW
ShellExecuteA
ShellAboutW
ShellAboutA
SHQueryRecycleBinW
SHQueryRecycleBinA
SHPathPrepareForWriteA
SHLoadInProc
CommandLineToArgvW
DoEnvironmentSubstW
DragAcceptFiles
DragFinish
DragQueryFileW
DragQueryPoint
ExtractAssociatedIconA
ExtractAssociatedIconExW
ExtractIconEx
ExtractIconExA
ExtractIconExW
ExtractIconW
FindExecutableW
SHIsFileAvailableOffline
SHBindToParent
SHBrowseForFolder
SHBrowseForFolderA
SHBrowseForFolderW
SHCreateDirectoryExW
SHEmptyRecycleBinA
Shell_NotifyIconA
SHFileOperationW
SHFormatDrive
SHFreeNameMappings
SHGetDataFromIDListW
SHGetDesktopFolder
SHGetDiskFreeSpaceA
SHGetDiskFreeSpaceExA
SHGetDiskFreeSpaceExW
SHGetFileInfoA
SHGetFileInfoW
SHGetFolderPathA
SHGetFolderPathW
SHGetIconOverlayIndexA
SHGetIconOverlayIndexW
SHGetMalloc
SHGetPathFromIDListW
SHGetSettings
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
SHInvokePrinterCommandW

shlwapi

StrChrIA
StrChrIW
StrChrW
StrCmpNA
StrCmpNIA
StrCmpNW
StrRChrA
StrRChrIW
StrRStrIA
StrStrIA
StrStrIW

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g4
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.g3
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89f5fd2a5dccd58e5295da44bbe5dc0a

Code Sign

1c:eb:dc:37:aa:da:65:98:49:49:60:29:ff:08:3c:5aCertificate

Extended Key Usages

d4:b8:44:07:90:88:03:7e:b3:cd:45:cd:29:0e:0f:53:26:c4:d2:c1Signer

Headers

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

Sections

.text Size: 31KB - Virtual size: 31KB

.data Size: 1024B - Virtual size: 944B

.g4 Size: 512B - Virtual size: 1B

.g3 Size: 512B - Virtual size: 1B

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 2KB - Virtual size: 1KB

1c:eb:dc:37:aa:da:65:98:49:49:60:29:ff:08:3c:5a
Certificate

d4:b8:44:07:90:88:03:7e:b3:cd:45:cd:29:0e:0f:53:26:c4:d2:c1
Signer

.text
Size: 31KB - Virtual size: 31KB

.data
Size: 1024B - Virtual size: 944B

.g4
Size: 512B - Virtual size: 1B

.g3
Size: 512B - Virtual size: 1B

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 2KB - Virtual size: 1KB