8ac6df70ae94f9566a14f905c447f337_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8ac6df70ae94f9566a14f905c447f337_JaffaCakes118
Size

277KB
MD5

8ac6df70ae94f9566a14f905c447f337
SHA1

9ce60210094b7efa73cd98eb33005b38a8e43233
SHA256

248f1fe73fc3c143ecd19be619a28ed63e5b725d6c5c2b94f2dea477e3ca810c
SHA512

b5d3d80a8ac596ebdeaebc2a5b6d80dab040dd7b45db630b164d57fd7a2158e301adef9c5f74e3c33a6c60a33c6901f7f8f59f7bbd02c44153f8b76ed2b47527
SSDEEP

6144:64blG6rzysDrwsSSYjkrD77q3UwQi71QCAEzoT:6oQTkrwsSSY4n77OUZi7CCTo

Score

1^/10

Malware Config

Signatures

Files

8ac6df70ae94f9566a14f905c447f337_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ef916ac15c55cbd600f3413a6974ca2

Code Sign

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6a
Certificate

Issuer

CN=SDOkUGUnMWwv

Not Before

15/03/2012, 10:39

Not After

31/12/2039, 23:59

Subject

CN=SDOkUGUnMWwv

Extended Key Usages

ExtKeyUsageCodeSigning

5c:cf:79:85:86:78:07:e3:1b:61:1d:f7:10:7b:00:0e:ac:7e:d9:db
Signer

Actual PE Digest

5c:cf:79:85:86:78:07:e3:1b:61:1d:f7:10:7b:00:0e:ac:7e:d9:db

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
LoadLibraryW
CreateFileA
GetWindowsDirectoryA
lstrlenA
lstrcpyA
DnsHostnameToComputerNameA
CreateDirectoryA
HeapCompact
EnumUILanguagesA
ReadConsoleInputA
GetLocalTime
SetConsoleTitleA
FindFirstFileExW
SetFilePointerEx
GetStringTypeA
GetSystemTimeAdjustment
GetCompressedFileSizeW
GlobalGetAtomNameW
GetConsoleAliasExesLengthA
ExpandEnvironmentStringsA
GetProcessVersion
DeleteCriticalSection
SetConsoleTextAttribute
DisconnectNamedPipe
CreateMailslotW
IsSystemResumeAutomatic
FlushFileBuffers
GetSystemWindowsDirectoryW
SetComputerNameExW
WriteConsoleA
ReadConsoleOutputAttribute
ResetEvent
ChangeTimerQueueTimer
IsBadWritePtr
lstrcpyn
Module32Next
GetThreadLocale
WriteProfileStringW
WriteConsoleInputW
VerifyVersionInfoA
GetTapePosition
GetSystemTimeAsFileTime
GetVersionExW
GetProcessHeap
SetTapePosition
SetVolumeLabelA
FreeUserPhysicalPages
LocalHandle
GlobalFindAtomW
CreateThread
CreateTimerQueueTimer
GlobalMemoryStatusEx
GlobalAlloc
GetProcessAffinityMask
IsProcessorFeaturePresent
OpenWaitableTimerW
SetComputerNameExA
GetDiskFreeSpaceW
FindFirstChangeNotificationA
GetBinaryTypeA
GetCPInfoExA
Thread32First
FindFirstChangeNotificationW
FindCloseChangeNotification
GetMailslotInfo
GetPrivateProfileSectionA
SetThreadPriority
SetVolumeMountPointW
VirtualQueryEx
SetSystemPowerState
CreateSemaphoreW
SetThreadContext
SetErrorMode
GetTapeParameters
CreateConsoleScreenBuffer
DisableThreadLibraryCalls
TlsSetValue
TerminateJobObject
GetCommandLineW
GlobalUnWire
DosDateTimeToFileTime
GetCompressedFileSizeA
CreateNamedPipeA
GetConsoleCP
DeleteFileW
PrepareTape
BeginUpdateResourceA
Beep
GetBinaryType
HeapReAlloc
SetCurrentDirectoryW
MapUserPhysicalPages
GetEnvironmentVariableA
GetSystemPowerStatus
ReadFileScatter
GetPrivateProfileStructA
OpenEventA
GetConsoleAliasExesA
SetThreadAffinityMask

user32

SetCursor
GetWindowTextW
GetClipboardFormatNameA
EnumDisplaySettingsExA
GetClassWord
RegisterClipboardFormatW
TranslateAcceleratorA
LoadImageW
GetClassLongW
GetDoubleClickTime
DdeCreateStringHandleA
EditWndProc
DrawIconEx
GetClassNameA
DdeEnableCallback
BeginDeferWindowPos
GetIconInfo
OpenWindowStationA
SetDlgItemTextA
GetMouseMovePointsEx
WINNLSGetIMEHotkey
IsDialogMessageA
EnumPropsA
SetScrollRange
GetScrollRange
DestroyMenu
DdeQueryConvInfo
GetMenuItemRect
SetUserObjectSecurity
EnumDisplaySettingsW
SetMessageQueue
GetMessagePos
SetCaretPos
DdeInitializeW
GetThreadDesktop
RegisterWindowMessageW
CharUpperW
GetWindowThreadProcessId
GetCursor
FlashWindowEx
DrawTextExW
AllowSetForegroundWindow
TrackPopupMenuEx
UnregisterClassA
DlgDirSelectExA
GetUpdateRgn
FreeDDElParam
GetClipboardData
WaitMessage
SendMessageCallbackW
IsHungAppWindow
GetKeyNameTextW
SendMessageW
WinHelpW
LoadMenuIndirectW
SetSysColors
GetClipboardOwner
GetNextDlgTabItem
GetKeyboardLayoutNameA
CharPrevExA
GetWindowLongW
SetRect
IsCharAlphaNumericA
CreateIconFromResource
DdeFreeDataHandle
CharLowerW
SetWinEventHook
SetThreadDesktop
DdeReconnect
SetMessageExtraInfo
CheckMenuItem
CreateCursor
DdeQueryStringW
SetDoubleClickTime
ReuseDDElParam
GetTabbedTextExtentW
InsertMenuItemW
DdeGetLastError
MonitorFromWindow
GrayStringW
CreateWindowStationA
CharUpperBuffA
wsprintfW
VkKeyScanW
InvalidateRgn
GetAncestor
CountClipboardFormats
WindowFromPoint
UserHandleGrantAccess
UnloadKeyboardLayout
GetDlgItemInt
SwitchDesktop
CreateDialogIndirectParamW
SendMessageA
RegisterWindowMessageA
TranslateMDISysAccel

comdlg32

PrintDlgA
PrintDlgExW
GetOpenFileNameW
ChooseFontA
GetSaveFileNameW
GetSaveFileNameA
ChooseFontW
PageSetupDlgW
ReplaceTextW
CommDlgExtendedError
ChooseColorA
GetFileTitleA
GetFileTitleW
ReplaceTextA
GetOpenFileNameA
PrintDlgExA
PrintDlgW
FindTextA
ChooseColorW
PageSetupDlgA
FindTextW

advapi32

RegOpenKeyExW

comctl32

ImageList_Remove
ord13
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_DragEnter
ImageList_GetImageInfo
InitMUILanguage
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
ImageList_Destroy
ImageList_Duplicate
ImageList_DragLeave
CreateStatusWindowW
ImageList_DrawEx
InitializeFlatSB
ImageList_DragShowNolock
FlatSB_SetScrollInfo
CreatePropertySheetPageW
ImageList_BeginDrag
ImageList_LoadImageA
ord6
ord4
ImageList_LoadImageW
ImageList_GetImageRect
CreateToolbarEx
InitCommonControlsEx
ord14
GetMUILanguage
ImageList_GetIcon
ImageList_DrawIndirect
_TrackMouseEvent
ord7
CreatePropertySheetPage
ImageList_Replace
CreateStatusWindow
ImageList_DragMove
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetFilter
PropertySheetW
ImageList_EndDrag
ImageList_Read
ord17
ImageList_Create
FlatSB_GetScrollProp
FlatSB_SetScrollProp
ord2
ImageList_SetImageCount
ord3
ImageList_Copy
FlatSB_SetScrollRange
DrawStatusText
ImageList_Draw
ImageList_GetDragImage
UninitializeFlatSB
CreatePropertySheetPageA
ImageList_Add

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

d4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

d3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

d2
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ef916ac15c55cbd600f3413a6974ca2

Code Sign

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6aCertificate

Extended Key Usages

5c:cf:79:85:86:78:07:e3:1b:61:1d:f7:10:7b:00:0e:ac:7e:d9:dbSigner

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

comctl32

Sections

.text Size: 4KB - Virtual size: 3KB

d4 Size: 1024B - Virtual size: 1000B

d3 Size: 1024B - Virtual size: 1000B

d2 Size: 258KB - Virtual size: 257KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6a
Certificate

5c:cf:79:85:86:78:07:e3:1b:61:1d:f7:10:7b:00:0e:ac:7e:d9:db
Signer

.text
Size: 4KB - Virtual size: 3KB

d4
Size: 1024B - Virtual size: 1000B

d3
Size: 1024B - Virtual size: 1000B

d2
Size: 258KB - Virtual size: 257KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB