8b832f3b7bd9540725348d394c5649b7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8b832f3b7bd9540725348d394c5649b7_JaffaCakes118
Size

105KB
MD5

8b832f3b7bd9540725348d394c5649b7
SHA1

99261b7119fd19efcf9fb2619e7d0f6e4aa9b4b1
SHA256

792642a1ced907336fefeb02a77323c407dabac665574678b4d2e999eec90a11
SHA512

2423dc545db1dd72a3d15ebb3b11b25430cc03024df5613dc10ad3bb3da733e44cd1bb60bb23c2b429806e601b802eafb928c192839d7dc1dea5cbcd57818d9e
SSDEEP

1536:21AzrOzqw12ArLzZ7zFjfj/tIgLPIleuOCJWTnCt8x2PT:tzrOB22llrjGJLfJOCOx2PT

Score

1^/10

Malware Config

Signatures

Files

8b832f3b7bd9540725348d394c5649b7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cd7f89b48ac1079d88774347e2349c63

Code Sign

51:23:09:d5:d0:a2:b9:8c:42:fb:c1:82:e7:8e:4e:92
Certificate

Issuer

CN=w466666345uy inc

Not Before

28-01-2012 07:40

Not After

31-12-2039 23:59

Subject

CN=w466666345uy inc

Extended Key Usages

ExtKeyUsageCodeSigning

a6:09:65:95:86:c5:8b:d4:71:f1:c9:73:95:7c:a5:de:53:a3:c4:61
Signer

Actual PE Digest

a6:09:65:95:86:c5:8b:d4:71:f1:c9:73:95:7c:a5:de:53:a3:c4:61

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
LoadLibraryA
GetProcessHeap
GetProcAddress
GetSystemInfo
BackupWrite
CreateDirectoryW
CreateMailslotW
CreateSemaphoreW
FindClose
FindNextChangeNotification
FindResourceA
GetComputerNameExA
GetComputerNameExW
GetConsoleAliasExesA
GetConsoleAliasW
GetCurrentProcessId
GetDriveTypeW
GetEnvironmentStringsW
GetLongPathNameA
GetProfileSectionW
GetStartupInfoW
GetSystemDefaultUILanguage
GetSystemTimeAdjustment
GetThreadPriority
lstrcatW
GetVolumeNameForVolumeMountPointW
HeapCreate
IsProcessorFeaturePresent
IsValidCodePage
LoadResource
LocalUnlock
LockResource
Module32NextW
OpenThread
OutputDebugStringW
SetCriticalSectionSpinCount
SetCurrentDirectoryA
SetDefaultCommConfigW
SetFileApisToOEM
SetHandleInformation
SetVolumeMountPointW
SizeofResource
UnlockFile
VerLanguageNameW
VerSetConditionMask
WaitCommEvent
WriteFileGather
WritePrivateProfileStructA
_lread
_lwrite
GetTimeFormatW
CreateFileW

msvcrt

memset

advapi32

RegOpenKeyExW

ole32

CLIPFORMAT_UserFree
CLIPFORMAT_UserMarshal
CLIPFORMAT_UserUnmarshal
CLSIDFromProgIDEx
CoAllowSetForegroundWindow
CoCreateGuid
CoCreateInstanceEx
CoCreateObjectInContext
CoDosDateTimeToFileTime
CoEnableCallCancellation
CoFileTimeNow
CoFreeAllLibraries
CoGetInstanceFromFile
CoGetMalloc
CoGetMarshalSizeMax
CoGetObjectContext
CoGetStandardMarshal
CoImpersonateClient
CoIsHandlerConnected
CoIsOle1Class
CoLockObjectExternal
CoReactivateObject
CoRegisterClassObject
CoRegisterMessageFilter
CoRegisterSurrogate
CoRevokeClassObject
CoSetCancelObject
CoSuspendClassObjects
CoTreatAsClass
CoUninitialize
CoUnloadingWOW
CreateAntiMoniker
CreateDataCache
CreateFileMoniker
CreateGenericComposite
CreateILockBytesOnHGlobal
EnableHookObject
FmtIdToPropStgName
FreePropVariantArray
GetDocumentBitStg
GetHGlobalFromILockBytes
GetHookInterface
HACCEL_UserFree
HACCEL_UserSize
HACCEL_UserUnmarshal
HDC_UserSize
HENHMETAFILE_UserMarshal
HGLOBAL_UserFree
HGLOBAL_UserMarshal
HICON_UserFree
HICON_UserMarshal
HICON_UserSize
HMENU_UserSize
HMETAFILEPICT_UserSize
HMETAFILEPICT_UserUnmarshal
HMETAFILE_UserUnmarshal
HkOleRegisterObject
MonikerCommonPrefixWith
OleConvertIStorageToOLESTREAMEx
OleCreateEx
OleCreateFromDataEx
OleCreateFromFileEx
OleCreateLinkFromData
OleCreateLinkToFile
OleCreateLinkToFileEx
OleCreateMenuDescriptor
OleDuplicateData
OleFlushClipboard
OleLoadFromStream
OleLockRunning
OleRegEnumFormatEtc
OleRun
OleTranslateAccelerator
OpenOrCreateStream
PropStgNameToFmtId
ReadFmtUserTypeStg
ReadOleStg
ReadStringStream
RevokeDragDrop
SNB_UserFree
SNB_UserUnmarshal
STGMEDIUM_UserMarshal
StgConvertVariantToProperty
StgCreateDocfileOnILockBytes
StgGetIFillLockBytesOnFile
StgIsStorageFile
StgIsStorageILockBytes
StgPropertyLengthAsVariant
UtGetDvtd16Info
WdtpInterfacePointer_UserUnmarshal
WriteFmtUserTypeStg

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text3
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd7f89b48ac1079d88774347e2349c63

Code Sign

51:23:09:d5:d0:a2:b9:8c:42:fb:c1:82:e7:8e:4e:92Certificate

Extended Key Usages

a6:09:65:95:86:c5:8b:d4:71:f1:c9:73:95:7c:a5:de:53:a3:c4:61Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

ole32

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 452B

.text2 Size: 1024B - Virtual size: 588B

.text3 Size: 72KB - Virtual size: 71KB

.rsrc Size: 20KB - Virtual size: 20KB

.reloc Size: 1KB - Virtual size: 1KB

51:23:09:d5:d0:a2:b9:8c:42:fb:c1:82:e7:8e:4e:92
Certificate

a6:09:65:95:86:c5:8b:d4:71:f1:c9:73:95:7c:a5:de:53:a3:c4:61
Signer

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 452B

.text2
Size: 1024B - Virtual size: 588B

.text3
Size: 72KB - Virtual size: 71KB

.rsrc
Size: 20KB - Virtual size: 20KB

.reloc
Size: 1KB - Virtual size: 1KB