8a583fcdbfe2302e1e2b8b2d6e5351ad_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8a583fcdbfe2302e1e2b8b2d6e5351ad_JaffaCakes118
Size

21KB
MD5

8a583fcdbfe2302e1e2b8b2d6e5351ad
SHA1

4eaeb0fdcd70100c4b2e2a044918dcc5594a47aa
SHA256

a84a88e3fb98949fff6e36df40b6a6ca6aaec4854bcfc043f88815d0641be81b
SHA512

803c692389f503cb170b7835fcc4789474efe06700cc59e5cbf0f465a672d739d7f3964d08096ae331c36dc236271f8d8ab18071616bbb27e76746485b29087e
SSDEEP

384:ADrdRF98jAhn1iiWBUpnGmIuWXP+hh4WWieZWTw7j:ADrLFl7rWBQGuWXP+hhdeB

Score

1^/10

Malware Config

Signatures

Files

8a583fcdbfe2302e1e2b8b2d6e5351ad_JaffaCakes118
.exe windows:5 windows x86 arch:x86

31e5af36e70fa3aa4a085d4ddf1dfd97

Code Sign

60:29:be:36:38:c4:8a:74:bb:5e:b2:8f:90:0a:7f:8c
Certificate

Issuer

CN=yFfJFQjZS5cVSsx

Not Before

20-03-2012 06:07

Not After

31-12-2039 23:59

Subject

CN=yFfJFQjZS5cVSsx

Extended Key Usages

ExtKeyUsageCodeSigning

f5:17:14:56:ef:2f:09:fa:41:f4:f8:80:c6:62:94:d0:a2:f0:e3:bc
Signer

Actual PE Digest

f5:17:14:56:ef:2f:09:fa:41:f4:f8:80:c6:62:94:d0:a2:f0:e3:bc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetModuleHandleA
GetProcAddress

msvcrt

memset

user32

UnregisterHotKey
UnregisterClassA
TrackMouseEvent
ToAsciiEx
TabbedTextOutW
SystemParametersInfoA
ShowOwnedPopups
SetWindowTextA
SetWindowLongW
SetWinEventHook
SetUserObjectInformationA
SetMessageQueue
SetMessageExtraInfo
SetMenuItemBitmaps
SetKeyboardState
SetFocus
SetDoubleClickTime
SetClassLongA
SendMessageA
SendIMEMessageExW
SendDlgItemMessageW
ReplyMessage
ReleaseDC
RegisterWindowMessageA
PostQuitMessage
OpenDesktopA
OpenClipboard
OemToCharW
OemKeyScan
MsgWaitForMultipleObjects
MessageBoxExW
LoadStringA
LoadMenuIndirectA
LoadAcceleratorsW
IsCharAlphaNumericW
InvertRect
IntersectRect
InternalGetWindowText
InsertMenuItemW
InSendMessage
GrayStringA
GetWindowThreadProcessId
GetWindowInfo
GetWindowContextHelpId
GetWindow
GetUpdateRgn
GetQueueStatus
GetMonitorInfoA
GetMenuItemRect
GetMenu
GetLastInputInfo
GetKeyboardLayoutNameA
GetInputDesktop
GetGuiResources
GetForegroundWindow
GetDesktopWindow
GetComboBoxInfo
GetCaretBlinkTime
GetAsyncKeyState
GetAncestor
GetActiveWindow
FlashWindowEx
FindWindowExA
FindWindowA
ExcludeUpdateRgn
EnumWindowStationsW
EmptyClipboard
DrawStateA
DrawFocusRect
DrawEdge
DispatchMessageA
DialogBoxParamW
DeregisterShellHookWindow
DefWindowProcW
DefMDIChildProcW
DefMDIChildProcA
DdeSetUserHandle
DdeQueryConvInfo
DdePostAdvise
DdeEnableCallback
DdeCreateStringHandleW
DdeConnectList
DdeClientTransaction
CreateDialogIndirectParamW
CreateCaret
CharUpperBuffA
CascadeChildWindows
BroadcastSystemMessageW
BringWindowToTop
AdjustWindowRectEx
UnregisterClassW

gdi32

CombineTransform
CloseEnhMetaFile
Arc
XLATEOBJ_iXlate
UpdateColors
UnloadNetworkFonts
SetWindowExtEx
SetTextCharacterExtra
SetMagicColors
SetICMProfileW
SetColorAdjustment
SetBitmapDimensionEx
SetBitmapBits
SelectObject
SelectFontLocal
SaveDC
STROBJ_vEnumStart
STROBJ_bGetAdvanceWidths
RoundRect
ResetDCW
RemoveFontResourceTracking
PlgBlt
PATHOBJ_vEnumStart
OffsetRgn
NamedEscape
InvertRgn
HT_Get8BPPFormatPalette
GetTextExtentPointA
GetTextColor
GetTextAlign
GetRelAbs
GetRegionData
GetPixelFormat
GetObjectType
GetMetaFileBitsEx
GetKerningPairsA
GetGlyphOutlineW
GetGlyphOutline
GetDeviceGammaRamp
GetCurrentObject
GetCharacterPlacementA
GetCharWidthA
GetCharABCWidthsI
GetCharABCWidthsFloatA
GetBitmapBits
GdiSwapBuffers
GdiSetLastError
GdiSetAttrs
GdiPlayScript
GdiPlayPrivatePageEMF
GdiGetDevmodeForPage
GdiFixUpHandle
GdiEntry8
GdiConvertRegion
GdiConvertFont
GdiConvertBitmap
GdiConvertAndCheckDC
GdiAddGlsBounds
FillRgn
FONTOBJ_vGetInfo
ExtTextOutA
ExtFloodFill
ExtCreatePen
EnumFontsA
EnumFontFamiliesW
EnumFontFamiliesExA
EnumEnhMetaFile
EngWideCharToMultiByte
EngUnlockSurface
EngUnicodeToMultiByteN
EngQueryEMFInfo
EngFreeModule
EngCreateSemaphore
EnableEUDC
Ellipse
DeviceCapabilitiesExW
DeviceCapabilitiesExA
DeleteEnhMetaFile
DeleteDC
DeleteColorSpace
CreatePolygonRgn
CreatePolyPolygonRgn
CreatePenIndirect
CreateFontW
CreateEnhMetaFileW
CreateEllipticRgnIndirect
CreateDIBitmap
CreateColorSpaceW
CopyEnhMetaFileW
AddFontResourceExA

advapi32

RegOpenKeyExW

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31e5af36e70fa3aa4a085d4ddf1dfd97

Code Sign

60:29:be:36:38:c4:8a:74:bb:5e:b2:8f:90:0a:7f:8cCertificate

Extended Key Usages

f5:17:14:56:ef:2f:09:fa:41:f4:f8:80:c6:62:94:d0:a2:f0:e3:bcSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

advapi32

Sections

.text Size: 14KB - Virtual size: 14KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 2KB

60:29:be:36:38:c4:8a:74:bb:5e:b2:8f:90:0a:7f:8c
Certificate

f5:17:14:56:ef:2f:09:fa:41:f4:f8:80:c6:62:94:d0:a2:f0:e3:bc
Signer

.text
Size: 14KB - Virtual size: 14KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 2KB