9557fc77da415cb95e43f9f5849ec15e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9557fc77da415cb95e43f9f5849ec15e_JaffaCakes118
Size

71KB
MD5

9557fc77da415cb95e43f9f5849ec15e
SHA1

dc8a5f85ffd4dc085e7bdbc6cca7fc42133e26f2
SHA256

2f5746300222545660e3e061c5aab1d6ccf42b1e61ec1d2cb944d9319d5cae50
SHA512

397faf0df459aeaa423f1b5e3b1b3a9e5eb6d4f47c05a861667b2b389d0b6889a2175ca9790a6a733260127c967c0edb09bdfa9005b2978e9fb2754b72ade978
SSDEEP

1536:Ep6v+vxxVgAY2X5mNxjdSFEMR0TpcI5hhdesP:EsjYX5mfuEMeTpc8es

Score

1^/10

Malware Config

Signatures

Files

9557fc77da415cb95e43f9f5849ec15e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

89f5fd2a5dccd58e5295da44bbe5dc0a

Code Sign

1c:eb:dc:37:aa:da:65:98:49:49:60:29:ff:08:3c:5a
Certificate

Issuer

CN=ovy75l9gfjeQ

Not Before

12-03-2012 16:20

Not After

31-12-2039 23:59

Subject

CN=ovy75l9gfjeQ

Extended Key Usages

ExtKeyUsageCodeSigning

6a:6e:f6:55:a5:11:50:40:67:a6:99:71:b9:a8:16:33:f5:ee:9d:25
Signer

Actual PE Digest

6a:6e:f6:55:a5:11:50:40:67:a6:99:71:b9:a8:16:33:f5:ee:9d:25

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
InterlockedCompareExchange
lstrcpyA
lstrlenA
GetWindowsDirectoryA
GetProcAddress
CreateFileA
VirtualAlloc
AllocConsole
AssignProcessToJobObject
BeginUpdateResourceW
BuildCommDCBAndTimeoutsA
BuildCommDCBAndTimeoutsW
CancelTimerQueueTimer
CloseHandle
ConnectNamedPipe
CopyFileW
CreateHardLinkA
CreateIoCompletionPort
CreateJobObjectA
CreateMutexW
CreateNamedPipeA
CreateRemoteThread
DebugActiveProcess
DeleteTimerQueueTimer
ExitThread
FatalAppExitA
FileTimeToDosDateTime
FindAtomA
FindFirstChangeNotificationW
FindFirstFileExA
FindVolumeClose
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
GetCPInfo
GetCommProperties
GetCompressedFileSizeA
GetConsoleTitleA
GetConsoleWindow
GetCurrentConsoleFont
GetCurrentThread
GetDiskFreeSpaceExA
GetEnvironmentStringsA
GetEnvironmentVariableA
GetFileSize
GetFileType
GetLongPathNameA
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetPrivateProfileSectionNamesW
GetPrivateProfileStringW
GetPrivateProfileStructA
GetProcessShutdownParameters
GetProfileSectionA
GetStdHandle
GetSystemWindowsDirectoryW
GetTapePosition
GetThreadSelectorEntry
GlobalFindAtomW
GlobalGetAtomNameW
GlobalMemoryStatusEx
GlobalReAlloc
GlobalUnWire
Heap32ListFirst
InterlockedDecrement
IsBadStringPtrA
IsDebuggerPresent
LocalFileTimeToFileTime
LocalHandle
LocalUnlock
MapUserPhysicalPages
Module32NextW
MultiByteToWideChar
OpenFileMappingW
OpenWaitableTimerW
PeekConsoleInputA
PeekNamedPipe
PostQueuedCompletionStatus
Process32Next
ProcessIdToSessionId
PurgeComm
ReadProcessMemory
ReplaceFile
RequestDeviceWakeup
ResetWriteWatch
SetCommBreak
SetComputerNameExW
SetDefaultCommConfigW
SetEnvironmentVariableA
SetFileTime
SetTimerQueueTimer
SetVolumeLabelW
SetupComm
TerminateProcess
Thread32First
UpdateResourceA
WriteConsoleOutputA
_hread
_lclose
_lwrite
lstrcat
lstrcpyn

user32

RemoveMenu
ScreenToClient
SendNotifyMessageW
SetActiveWindow
SetCapture
SetClipboardViewer
SetDlgItemInt
SetKeyboardState
SetMenu
SetPropA
SetRectEmpty
SetShellWindow
SetThreadDesktop
SetWinEventHook
SetWindowRgn
SetWindowsHookExA
ShowOwnedPopups
SubtractRect
SystemParametersInfoW
TrackMouseEvent
TranslateAcceleratorW
TranslateMDISysAccel
UnregisterDeviceNotification
WINNLSGetEnableStatus
mouse_event
ReleaseDC
ReleaseCapture
RegisterClassExA
PaintDesktop
MessageBoxIndirectW
MapDialogRect
LoadKeyboardLayoutA
LoadIconW
LoadCursorA
LoadAcceleratorsW
IsCharLowerW
IsCharLowerA
HiliteMenuItem
HideCaret
GrayStringW
GetScrollBarInfo
GetQueueStatus
GetPropW
GetMonitorInfoA
GetMenuStringW
GetMenuContextHelpId
GetLastInputInfo
GetLastActivePopup
GetKeyboardLayoutNameW
GetFocus
GetDlgCtrlID
GetDesktopWindow
GetComboBoxInfo
GetClipboardData
GetClassWord
GetClassNameA
GetClassInfoExA
GetAsyncKeyState
GetAncestor
GetAltTabInfoW
GetAltTabInfoA
EnumThreadWindows
EnumDisplaySettingsW
EnumChildWindows
EnableMenuItem
DrawTextExW
DrawIconEx
DlgDirListComboBoxW
DispatchMessageW
DestroyWindow
DestroyCaret
DeregisterShellHookWindow
DefWindowProcW
DefWindowProcA
DefFrameProcA
DdeQueryNextServer
DdeGetLastError
DdeCreateDataHandle
DdeConnectList
DdeAddData
CreateIconIndirect
CreateDialogParamW
CopyImage
CloseClipboard
CheckMenuRadioItem
ChangeDisplaySettingsExW
ChangeClipboardChain
CascadeWindows
ArrangeIconicWindows
EndMenu

shell32

SHEmptyRecycleBinW
Shell_NotifyIcon
ShellHookProc
ShellExecuteExW
ShellExecuteA
ShellAboutW
ShellAboutA
SHQueryRecycleBinW
SHQueryRecycleBinA
SHPathPrepareForWriteA
SHLoadInProc
CommandLineToArgvW
DoEnvironmentSubstW
DragAcceptFiles
DragFinish
DragQueryFileW
DragQueryPoint
ExtractAssociatedIconA
ExtractAssociatedIconExW
ExtractIconEx
ExtractIconExA
ExtractIconExW
ExtractIconW
FindExecutableW
SHIsFileAvailableOffline
SHBindToParent
SHBrowseForFolder
SHBrowseForFolderA
SHBrowseForFolderW
SHCreateDirectoryExW
SHEmptyRecycleBinA
Shell_NotifyIconA
SHFileOperationW
SHFormatDrive
SHFreeNameMappings
SHGetDataFromIDListW
SHGetDesktopFolder
SHGetDiskFreeSpaceA
SHGetDiskFreeSpaceExA
SHGetDiskFreeSpaceExW
SHGetFileInfoA
SHGetFileInfoW
SHGetFolderPathA
SHGetFolderPathW
SHGetIconOverlayIndexA
SHGetIconOverlayIndexW
SHGetMalloc
SHGetPathFromIDListW
SHGetSettings
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
SHInvokePrinterCommandW

shlwapi

StrChrIA
StrChrIW
StrChrW
StrCmpNA
StrCmpNIA
StrCmpNW
StrRChrA
StrRChrIW
StrRStrIA
StrStrIA
StrStrIW

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g4
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.g3
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89f5fd2a5dccd58e5295da44bbe5dc0a

Code Sign

1c:eb:dc:37:aa:da:65:98:49:49:60:29:ff:08:3c:5aCertificate

Extended Key Usages

6a:6e:f6:55:a5:11:50:40:67:a6:99:71:b9:a8:16:33:f5:ee:9d:25Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

Sections

.text Size: 62KB - Virtual size: 62KB

.data Size: 1024B - Virtual size: 948B

.g4 Size: 512B - Virtual size: 1B

.g3 Size: 512B - Virtual size: 1B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

1c:eb:dc:37:aa:da:65:98:49:49:60:29:ff:08:3c:5a
Certificate

6a:6e:f6:55:a5:11:50:40:67:a6:99:71:b9:a8:16:33:f5:ee:9d:25
Signer

.text
Size: 62KB - Virtual size: 62KB

.data
Size: 1024B - Virtual size: 948B

.g4
Size: 512B - Virtual size: 1B

.g3
Size: 512B - Virtual size: 1B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB