94c5a77f38a7a28aeb0d5dda3fdc776f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

94c5a77f38a7a28aeb0d5dda3fdc776f_JaffaCakes118
Size

200KB
MD5

94c5a77f38a7a28aeb0d5dda3fdc776f
SHA1

0e0452ef003486c9ec1d54db7944507385993c31
SHA256

dd026fa7e9bb2f15d49277ce57677b9bd34d3a1a7f701a66df2432a0e4617d3e
SHA512

93acbf67b546e523d1bb85fd35a5e4be8f8d596c2db18842469753ed516ade5580d32285c8fb077883efbeed10d1b9b5f7ba0febe8fc4761454c4e47a6d31bfc
SSDEEP

6144:waSSWRPSJEBs+nr52ClnpPrDO4Jv5fQ0t+wteKj:w6WFggnr52YpPm4JBfQ2+JU

Score

1^/10

Malware Config

Signatures

Files

94c5a77f38a7a28aeb0d5dda3fdc776f_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2c8f982108c349169fb232765601e0dc

Code Sign

0e:2a:a2:65:8e:86:b6:48:bc:89:b5:af:30:40:84:64
Certificate

Issuer

CN=ie6y0MAwBdrpPI2

Not Before

09/04/2012, 06:34

Not After

31/12/2039, 23:59

Subject

CN=ie6y0MAwBdrpPI2

Extended Key Usages

ExtKeyUsageCodeSigning

17:83:d9:7d:5f:42:e3:b6:64:28:be:02:73:c2:e6:12:ac:55:de:35
Signer

Actual PE Digest

17:83:d9:7d:5f:42:e3:b6:64:28:be:02:73:c2:e6:12:ac:55:de:35

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

BeginUpdateResourceW
CallNamedPipeW
CancelWaitableTimer
ConvertThreadToFiber
CreateConsoleScreenBuffer
CreateDirectoryExW
CreateDirectoryW
CreateEventA
CreateMutexA
CreatePipe
CreateSemaphoreA
CreateSemaphoreW
DeleteCriticalSection
DeleteTimerQueueTimer
DeleteVolumeMountPointA
DeleteVolumeMountPointW
DnsHostnameToComputerNameA
DosDateTimeToFileTime
EndUpdateResourceA
EnumLanguageGroupLocalesA
EnumSystemCodePagesA
EnumSystemLocalesW
EnumTimeFormatsW
EraseTape
ExitThread
FatalAppExitA
FillConsoleOutputCharacterA
FlushViewOfFile
FreeConsole
FreeEnvironmentStringsW
FreeLibrary
FreeResource
FreeUserPhysicalPages
GetBinaryTypeA
GetCPInfoExW
GetCommTimeouts
GetCompressedFileSizeW
GetComputerNameA
GetDateFormatA
GetDefaultCommConfigW
GetDiskFreeSpaceA
GetDriveTypeW
GetFileTime
GetModuleHandleW
GetNumberOfConsoleInputEvents
GetOverlappedResult
GetPriorityClass
GetPrivateProfileSectionNamesA
GetProcessIoCounters
GetShortPathNameA
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTime
GetThreadPriorityBoost
GetTimeZoneInformation
GetVolumePathNameA
Beep
GlobalHandle
GlobalUnlock
InterlockedCompareExchange
IsBadCodePtr
IsBadStringPtrW
LocalHandle
LocalLock
Module32Next
MulDiv
OpenEventW
OpenJobObjectA
OpenSemaphoreA
OpenThread
PurgeComm
QueryDosDeviceW
ReplaceFile
RequestWakeupLatency
ResetEvent
ResumeThread
RtlZeroMemory
SetCommBreak
SetCommState
SetComputerNameA
SetConsoleCursorInfo
SetConsoleTitleA
SetCurrentDirectoryW
SetDefaultCommConfigA
SetEvent
SetFilePointerEx
SetLocaleInfoA
SetMailslotInfo
SetNamedPipeHandleState
SetSystemTime
SetThreadExecutionState
SetTimerQueueTimer
SetUnhandledExceptionFilter
SetVolumeMountPointA
SetWaitableTimer
TlsAlloc
UpdateResourceA
VirtualAllocEx
VirtualProtect
VirtualQueryEx
WaitForDebugEvent
WaitForSingleObject
WaitNamedPipeA
WriteConsoleInputA
WriteConsoleOutputA
WriteFileGather
WritePrivateProfileSectionA
_lclose
lstrcatA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
AllocConsole
AddConsoleAliasW
GetWindowsDirectoryA
VirtualAlloc
IsDebuggerPresent

user32

ChangeDisplaySettingsA
ChangeDisplaySettingsExA
ChangeDisplaySettingsW
ChangeMenuA
CharLowerW
CharPrevW
CharToOemW
CharUpperBuffA
CheckDlgButton
CheckMenuItem
ChildWindowFromPoint
ClipCursor
CloseWindow
CloseWindowStation
CopyAcceleratorTableW
CopyIcon
CreateAcceleratorTableW
CreateCursor
CreateDesktopA
CreateDialogIndirectParamA
CreateDialogParamA
CreateDialogParamW
CreateIconFromResource
CreateIconIndirect
CreateWindowStationW
DdeAddData
DdeClientTransaction
DdeCreateDataHandle
DdeDisconnect
DdeEnableCallback
DdeFreeDataHandle
DdeGetData
DdeInitializeW
DdeKeepStringHandle
DdePostAdvise
DdeQueryConvInfo
DdeQueryNextServer
DdeQueryStringA
DdeReconnect
DdeSetUserHandle
DdeUnaccessData
DdeUninitialize
DefFrameProcA
DefWindowProcA
DefWindowProcW
DeregisterShellHookWindow
DestroyCaret
DestroyIcon
DestroyMenu
DialogBoxIndirectParamW
DialogBoxParamA
DialogBoxParamW
DlgDirSelectExA
DlgDirSelectExW
DragDetect
DragObject
DrawAnimatedRects
DrawCaption
DrawTextExA
DrawTextExW
ChangeClipboardChain
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndDialog
EndMenu
EnumDesktopWindows
EnumDesktopsA
EnumDisplayDevicesA
EnumDisplaySettingsExA
EnumDisplaySettingsW
EnumPropsA
EnumPropsExW
EnumPropsW
EnumThreadWindows
EnumWindowStationsW
ExitWindowsEx
FindWindowExA
FindWindowExW
FreeDDElParam
GetActiveWindow
GetAltTabInfo
GetAltTabInfoW
GetAsyncKeyState
GetCapture
GetCaretPos
GetClassInfoA
GetClassNameA
GetClassWord
GetClipboardData
GetClipboardOwner
GetComboBoxInfo
GetCursor
GetDCEx
GetDesktopWindow
GetDialogBaseUnits
GetFocus
GetGUIThreadInfo
GetIconInfo
GetInputDesktop
GetInputState
GetKBCodePage
GetKeyNameTextW
GetKeyboardState
GetLastInputInfo
GetMenuBarInfo
GetMenuCheckMarkDimensions
GetMenuItemInfoA
GetMenuStringA
GetMessageExtraInfo
GetMessagePos
GetMonitorInfoW
GetNextDlgTabItem
GetOpenClipboardWindow
GetPriorityClipboardFormat
GetProcessWindowStation
GetPropW
GetQueueStatus
GetScrollBarInfo
GetSubMenu
GetSysColor
GetSystemMetrics
GetThreadDesktop
GetTitleBarInfo
GetTopWindow
GetUpdateRgn
GetUserObjectInformationA
GetWindow
GetWindowModuleFileNameA
GetWindowPlacement
GetWindowTextA
GetWindowTextW
GetWindowThreadProcessId
IMPGetIMEA
IMPGetIMEW
IMPQueryIMEA
IMPSetIMEW
InsertMenuW
InternalGetWindowText
InvalidateRect
InvalidateRgn
InvertRect
IsCharAlphaA
IsCharAlphaNumericW
IsCharLowerA
IsChild
IsDialogMessageA
IsDialogMessageW
IsHungAppWindow
IsIconic
KillTimer
LoadAcceleratorsW
LoadBitmapA
LoadBitmapW
LoadCursorW
LoadImageA
LoadKeyboardLayoutA
LoadMenuIndirectW
LoadMenuW
LoadStringA
LookupIconIdFromDirectory
LookupIconIdFromDirectoryEx
MapVirtualKeyExA
MapVirtualKeyExW
MessageBoxExA
MessageBoxExW
MessageBoxW
MoveWindow
MsgWaitForMultipleObjectsEx
OemKeyScan
OemToCharBuffA
OpenDesktopA
OpenDesktopW
OpenWindowStationW
PostMessageA
PostMessageW
PostThreadMessageA
RedrawWindow
RegisterClassExA
RegisterClipboardFormatA
RegisterHotKey
RegisterWindowMessageA
ReleaseDC
RemoveMenu
ReuseDDElParam
ScreenToClient
SendDlgItemMessageW
SendIMEMessageExW
SendInput
SendMessageA
SendMessageCallbackW
SetCapture
SetClassLongW
SetCursor
SetCursorPos
SetDeskWallpaper
SetLayeredWindowAttributes
SetMenu
SetProcessWindowStation
SetPropA
SetRectEmpty
SetScrollInfo
SetShellWindow
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowWord
SetWindowsHookExW
ShowCaret
ShowScrollBar
ShowWindow
ShowWindowAsync
SubtractRect
SwitchDesktop
SystemParametersInfoA
TabbedTextOutW
ToAscii
ToAsciiEx
TranslateAcceleratorA
TranslateMessage
UnhookWindowsHook
UnionRect
UnregisterDeviceNotification
UpdateLayeredWindow
UpdateWindow
UserHandleGrantAccess
ValidateRect
ValidateRgn
VkKeyScanExA
VkKeyScanW
WinHelpA
WindowFromDC
WindowFromPoint
keybd_event
CascadeChildWindows
CallWindowProcA
BroadcastSystemMessageA
BlockInput
AppendMenuA
AnyPopup
AdjustWindowRectEx
ActivateKeyboardLayout
EmptyClipboard

gdi32

GetStockObject

advapi32

RegOpenKeyW

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 180KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c8f982108c349169fb232765601e0dc

Code Sign

0e:2a:a2:65:8e:86:b6:48:bc:89:b5:af:30:40:84:64Certificate

Extended Key Usages

17:83:d9:7d:5f:42:e3:b6:64:28:be:02:73:c2:e6:12:ac:55:de:35Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 180KB - Virtual size: 181KB

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 2KB - Virtual size: 2KB

0e:2a:a2:65:8e:86:b6:48:bc:89:b5:af:30:40:84:64
Certificate

17:83:d9:7d:5f:42:e3:b6:64:28:be:02:73:c2:e6:12:ac:55:de:35
Signer

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 180KB - Virtual size: 181KB

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 2KB - Virtual size: 2KB