8b3d622863ccae7c91bec1e75b1fd404_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8b3d622863ccae7c91bec1e75b1fd404_JaffaCakes118
Size

205KB
MD5

8b3d622863ccae7c91bec1e75b1fd404
SHA1

1a73cc019c478028fe39ffadde13712874afdecf
SHA256

5573e7eeac6cc6d34358fed791b7ccf1212b6083652be5e39fafbed4c58794a8
SHA512

422b019eb4d5326f3fefed8a7e975e2d3e715890bd143ec6f0da799dec92c717ce5f12882c90086c842312afc19ee381b6523c9a223ab0d0e7a2e9ae285a988b
SSDEEP

3072:kQ2b+zn5S4GyIjH9PRnv6z9yhBMhHfNKN5cBWynXf3u9T/YEdSi2TwRCZRzcGRJC:kd+FOdJnBUl25cBWi3wFdSiGwgb+

Score

1^/10

Malware Config

Signatures

Files

8b3d622863ccae7c91bec1e75b1fd404_JaffaCakes118
.dll windows:5 windows x86 arch:x86

6be73745dde5868e3fd1d333792dd799

Code Sign

07:c3:94:9e:10:f8:5a:9d:47:0d:6c:e0:f3:4b:d0:d8
Certificate

Issuer

CN=XEIj0jUsp4Ey72L

Not Before

10/04/2012, 05:43

Not After

31/12/2039, 23:59

Subject

CN=XEIj0jUsp4Ey72L

Extended Key Usages

ExtKeyUsageCodeSigning

36:e1:37:59:5d:4b:c5:b9:72:42:62:b2:b4:4f:f7:e3:3d:e6:ba:a4
Signer

Actual PE Digest

36:e1:37:59:5d:4b:c5:b9:72:42:62:b2:b4:4f:f7:e3:3d:e6:ba:a4

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryW
VirtualAlloc
AddConsoleAliasW
AllocConsole
Beep
BeginUpdateResourceW
CallNamedPipeW
CancelWaitableTimer
ConvertThreadToFiber
CreateConsoleScreenBuffer
CreateDirectoryExW
CreateDirectoryW
CreateEventA
CreateMutexA
CreateSemaphoreA
CreateSemaphoreW
DeleteCriticalSection
DeleteTimerQueueTimer
DeleteVolumeMountPointA
DeleteVolumeMountPointW
DnsHostnameToComputerNameA
DosDateTimeToFileTime
EndUpdateResourceA
EnumLanguageGroupLocalesA
EnumSystemCodePagesA
EnumSystemLocalesW
EnumTimeFormatsW
EraseTape
ExitThread
FatalAppExitA
FillConsoleOutputCharacterA
FlushViewOfFile
FreeConsole
FreeEnvironmentStringsW
FreeLibrary
FreeResource
FreeUserPhysicalPages
GetBinaryTypeA
GetCPInfoExW
GetCommTimeouts
GetCompressedFileSizeW
GetComputerNameA
GetDateFormatA
GetDiskFreeSpaceA
GetDriveTypeW
GetFileTime
GetModuleHandleW
GetNumberOfConsoleInputEvents
GetOverlappedResult
GetPriorityClass
GetPrivateProfileSectionNamesA
GetProcessIoCounters
GetShortPathNameA
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTime
GetThreadPriorityBoost
GetTimeZoneInformation
GetVolumePathNameA
GetWindowsDirectoryA
GlobalHandle
GlobalUnlock
InterlockedCompareExchange
IsBadCodePtr
IsBadStringPtrW
LocalHandle
LocalLock
Module32Next
MulDiv
OpenEventW
OpenJobObjectA
OpenSemaphoreA
OpenThread
PurgeComm
QueryDosDeviceW
ReplaceFile
RequestWakeupLatency
ResetEvent
ResumeThread
RtlZeroMemory
SetCommBreak
SetCommState
SetComputerNameA
SetConsoleCursorInfo
SetConsoleTitleA
SetCurrentDirectoryW
SetDefaultCommConfigA
SetEvent
SetFilePointerEx
SetLocaleInfoA
SetMailslotInfo
SetNamedPipeHandleState
SetSystemTime
SetThreadExecutionState
SetTimerQueueTimer
SetUnhandledExceptionFilter
SetVolumeMountPointA
SetWaitableTimer
TlsAlloc
UpdateResourceA
VirtualAllocEx
VirtualProtect
VirtualQueryEx
WaitForDebugEvent
WaitForSingleObject
WaitNamedPipeA
WriteConsoleOutputA
WriteFileGather
WritePrivateProfileSectionA
_lclose
lstrcatA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
IsDebuggerPresent

user32

BroadcastSystemMessageA
CallWindowProcA
CascadeChildWindows
ChangeClipboardChain
ChangeDisplaySettingsA
ChangeDisplaySettingsExA
ChangeDisplaySettingsW
ChangeMenuA
CharLowerW
CharPrevW
CharToOemW
CharUpperBuffA
CheckDlgButton
CheckMenuItem
ChildWindowFromPoint
ClipCursor
CloseWindow
CloseWindowStation
CopyAcceleratorTableW
CopyIcon
CreateAcceleratorTableW
CreateCursor
CreateDesktopA
CreateDialogIndirectParamA
CreateDialogParamA
CreateDialogParamW
CreateIconFromResource
CreateIconIndirect
CreateWindowStationW
DdeAddData
DdeClientTransaction
DdeCreateDataHandle
DdeDisconnect
DdeEnableCallback
DdeFreeDataHandle
DdeGetData
DdeInitializeW
DdeKeepStringHandle
DdePostAdvise
DdeQueryConvInfo
DdeQueryNextServer
DdeQueryStringA
DdeReconnect
DdeSetUserHandle
DdeUnaccessData
DdeUninitialize
DefFrameProcA
DefWindowProcA
DefWindowProcW
DeregisterShellHookWindow
DestroyCaret
DestroyIcon
DestroyMenu
DialogBoxIndirectParamW
DialogBoxParamA
DialogBoxParamW
DlgDirSelectExA
DlgDirSelectExW
DragDetect
DragObject
DrawAnimatedRects
DrawCaption
BlockInput
DrawTextExW
EmptyClipboard
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndDialog
EndMenu
EnumDesktopWindows
EnumDesktopsA
EnumDisplayDevicesA
EnumDisplaySettingsExA
EnumDisplaySettingsW
EnumPropsA
EnumPropsExW
EnumPropsW
EnumThreadWindows
EnumWindowStationsW
ExitWindowsEx
FindWindowExA
FindWindowExW
FreeDDElParam
GetActiveWindow
GetAltTabInfo
GetAltTabInfoW
GetAsyncKeyState
GetCapture
GetCaretPos
GetClassInfoA
GetClassNameA
GetClassWord
GetClipboardData
GetClipboardOwner
GetComboBoxInfo
GetCursor
GetDCEx
GetDesktopWindow
GetDialogBaseUnits
GetFocus
GetGUIThreadInfo
GetIconInfo
GetInputDesktop
GetInputState
GetKBCodePage
GetKeyNameTextW
GetKeyboardState
GetLastInputInfo
GetMenuBarInfo
GetMenuCheckMarkDimensions
GetMenuItemInfoA
GetMenuStringA
GetMessageExtraInfo
GetMessagePos
GetMonitorInfoW
GetNextDlgTabItem
GetOpenClipboardWindow
GetPriorityClipboardFormat
GetProcessWindowStation
GetPropW
GetQueueStatus
GetScrollBarInfo
GetSubMenu
GetSysColor
GetSystemMetrics
GetThreadDesktop
GetTitleBarInfo
GetTopWindow
GetUpdateRgn
GetUserObjectInformationA
GetWindow
GetWindowModuleFileNameA
GetWindowPlacement
GetWindowTextA
GetWindowTextW
GetWindowThreadProcessId
IMPGetIMEA
IMPGetIMEW
IMPQueryIMEA
IMPSetIMEW
InsertMenuW
InternalGetWindowText
InvalidateRect
InvalidateRgn
InvertRect
IsCharAlphaA
IsCharAlphaNumericW
IsCharLowerA
IsChild
IsDialogMessageA
IsDialogMessageW
IsHungAppWindow
IsIconic
KillTimer
LoadAcceleratorsW
LoadBitmapA
LoadBitmapW
LoadCursorW
LoadImageA
LoadKeyboardLayoutA
LoadMenuIndirectW
LoadMenuW
LoadStringA
LookupIconIdFromDirectory
LookupIconIdFromDirectoryEx
MapVirtualKeyExA
MapVirtualKeyExW
MessageBoxExA
MessageBoxExW
MessageBoxW
MoveWindow
MsgWaitForMultipleObjectsEx
OemKeyScan
OemToCharBuffA
OpenDesktopA
OpenDesktopW
OpenWindowStationW
PostMessageA
PostMessageW
PostThreadMessageA
RedrawWindow
RegisterClassExA
RegisterClipboardFormatA
RegisterHotKey
RegisterWindowMessageA
ReleaseDC
RemoveMenu
ReuseDDElParam
ScreenToClient
SendDlgItemMessageW
SendIMEMessageExW
SendInput
SendMessageA
SendMessageCallbackW
SetCapture
SetClassLongW
SetCursor
SetCursorPos
SetDeskWallpaper
SetLayeredWindowAttributes
SetMenu
SetProcessWindowStation
SetPropA
SetRectEmpty
SetScrollInfo
SetShellWindow
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowWord
SetWindowsHookExW
ShowCaret
ShowScrollBar
ShowWindow
ShowWindowAsync
SubtractRect
SwitchDesktop
SystemParametersInfoA
TabbedTextOutW
ToAscii
ToAsciiEx
TranslateAcceleratorA
TranslateMessage
UnhookWindowsHook
UnionRect
UnregisterDeviceNotification
UpdateLayeredWindow
UpdateWindow
UserHandleGrantAccess
ValidateRect
ValidateRgn
VkKeyScanExA
VkKeyScanW
WinHelpA
WindowFromDC
WindowFromPoint
keybd_event
AppendMenuA
AnyPopup
AdjustWindowRectEx
ActivateKeyboardLayout
DrawTextExA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6be73745dde5868e3fd1d333792dd799

Code Sign

07:c3:94:9e:10:f8:5a:9d:47:0d:6c:e0:f3:4b:d0:d8Certificate

Extended Key Usages

36:e1:37:59:5d:4b:c5:b9:72:42:62:b2:b4:4f:f7:e3:3d:e6:ba:a4Signer

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 2KB - Virtual size: 2KB

.data2 Size: 183KB - Virtual size: 182KB

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 2KB - Virtual size: 2KB

07:c3:94:9e:10:f8:5a:9d:47:0d:6c:e0:f3:4b:d0:d8
Certificate

36:e1:37:59:5d:4b:c5:b9:72:42:62:b2:b4:4f:f7:e3:3d:e6:ba:a4
Signer

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 2KB - Virtual size: 2KB

.data2
Size: 183KB - Virtual size: 182KB

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 2KB - Virtual size: 2KB