9631cfca02a598d0c4bf31ff1fc0da47_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9631cfca02a598d0c4bf31ff1fc0da47_JaffaCakes118
Size

278KB
MD5

9631cfca02a598d0c4bf31ff1fc0da47
SHA1

65c5ad7c930c2b1d0924b1b070236a0d0db202ac
SHA256

23d694010168c214f60b47e3734ca60938fd893dc2d49aa6e2640098860d90c2
SHA512

fb162c7a0ef4bc0fd5893735177fbdae3350200d4b2f10773d82ad37ebe5a4a22dba949240dd1b1300a7662c43aa12b44d98ba3a0e515b51bcdc1e6c088e94fd
SSDEEP

6144:J4bCG6rzysDrwsSSYtkrD77q3UwQi7bQCAEzoPyZ:JoVTkrwsSSYin77OUZi7kCToqZ

Score

1^/10

Malware Config

Signatures

Files

9631cfca02a598d0c4bf31ff1fc0da47_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bbfe351f08b236ab7a9b727e9fb0fc78

Code Sign

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6a
Certificate

Issuer

CN=SDOkUGUnMWwv

Not Before

15/03/2012, 10:39

Not After

31/12/2039, 23:59

Subject

CN=SDOkUGUnMWwv

Extended Key Usages

ExtKeyUsageCodeSigning

0f:dd:42:20:36:0c:d9:60:af:32:6d:6d:bf:4e:53:13:24:f9:b3:76
Signer

Actual PE Digest

0f:dd:42:20:36:0c:d9:60:af:32:6d:6d:bf:4e:53:13:24:f9:b3:76

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetWindowsDirectoryA
lstrlenA
lstrcpyA
VirtualAlloc
GetQueuedCompletionStatus
WriteConsoleOutputCharacterA
GetCalendarInfoA
DeviceIoControl
GlobalLock
GetConsoleCP
ResetEvent
LCMapStringA
VirtualFreeEx
QueryDosDeviceA
GetProcessWorkingSetSize
SetCommMask
FindFirstVolumeW
SetThreadPriority
InterlockedCompareExchange
EnumUILanguagesA
MultiByteToWideChar
UnlockFileEx
CreateEventA
MoveFileExW
ReadProcessMemory
FindFirstFileW
MapUserPhysicalPagesScatter
CompareStringW
FindFirstVolumeMountPointA
LocalHandle
SetConsoleCursor
GetVersionExW
GetPrivateProfileSectionNamesW
SizeofResource
WriteProfileSectionW
VerifyVersionInfoW
CreateMutexA
SetUnhandledExceptionFilter
GlobalHandle
GetConsoleAliasExesLengthA
WideCharToMultiByte
OpenFileMappingA
UnhandledExceptionFilter
GetWindowsDirectoryW
GlobalSize
OutputDebugStringA
GetModuleFileNameW
EnumDateFormatsExW
SwitchToThread
ChangeTimerQueueTimer
DeleteFileW
WriteConsoleOutputAttribute
FoldStringW
Module32NextW
FreeUserPhysicalPages
GetComputerNameA
EnumDateFormatsW
GetPrivateProfileStringA
GetDevicePowerState
CreateEventW
WriteProfileStringW
SetConsoleScreenBufferSize
CopyFileA
WaitCommEvent
EnumTimeFormatsA
GlobalFindAtomA
OpenWaitableTimerW
HeapValidate
SetConsoleWindowInfo
EraseTape
FindFirstVolumeA
GlobalMemoryStatusEx
GetFileInformationByHandle
ReadConsoleOutputW
SetConsoleCtrlHandler
_hread
ReleaseSemaphore
HeapFree
ResumeThread
MoveFileW
LoadResource
CreateDirectoryA
WriteFileEx
FlushFileBuffers
BeginUpdateResourceW
RtlMoveMemory
SetFileAttributesW
EnumSystemLocalesA
FlushConsoleInputBuffer
Heap32ListNext
GetWriteWatch
ConnectNamedPipe
FillConsoleOutputCharacterA
UpdateResourceW
ReadConsoleOutputA
lstrcpy
EndUpdateResourceW
SetProcessWorkingSetSize
GetThreadContext

user32

IMPSetIMEA
DrawTextA
CopyAcceleratorTableW
AllowSetForegroundWindow
SendNotifyMessageW
DdeUninitialize
EnumDisplaySettingsExW
PostQuitMessage
SendMessageCallbackA
EnumDisplayDevicesA
CreatePopupMenu
RegisterDeviceNotificationW
ExitWindowsEx
EnumThreadWindows
SetPropA
GetClipboardFormatNameA
SetRectEmpty
GetDCEx
wvsprintfA
IsChild
WaitMessage
GetInputState
GetMenuItemCount
IsHungAppWindow
DdeNameService
FlashWindowEx
LoadIconA
CallMsgFilter
DdeUnaccessData
IsCharUpperW
WINNLSEnableIME
RegisterClassExA
DdeCmpStringHandles
TranslateAcceleratorA
LockWorkStation
GetKeyboardState
FrameRect
GetTopWindow
CreateCursor
VkKeyScanExW
RealGetWindowClassW
ReleaseDC
CreateDialogParamW
CallWindowProcW
WINNLSGetIMEHotkey
UpdateWindow
ToAsciiEx
DdeQueryStringA
CharPrevA
MonitorFromWindow
ShowCursor
SetClassLongW
GetScrollInfo
MessageBoxExW
ModifyMenuW
LoadKeyboardLayoutA
DdeGetData
SwitchToThisWindow
MsgWaitForMultipleObjectsEx
SendIMEMessageExA
DrawCaption
CreateDialogIndirectParamA
SetFocus
SetWindowsHookA
DdeKeepStringHandle
DdePostAdvise
DragDetect
GetPropW
UnregisterClassW
WaitForInputIdle
ChangeDisplaySettingsW
GetThreadDesktop
GetParent
CreateDialogParamA
DlgDirListA
CheckMenuItem
GetNextDlgGroupItem
IMPGetIMEW
SetWindowTextW
GetCursorInfo
OpenDesktopA
WINNLSGetEnableStatus
TranslateMDISysAccel
NotifyWinEvent
CloseDesktop
LoadCursorA
DrawMenuBar
TileWindows
ToAscii
GetClipboardSequenceNumber
SetMessageExtraInfo
TrackPopupMenu
SetForegroundWindow
DialogBoxParamW
IsWindowEnabled
PackDDElParam

advapi32

RegOpenKeyExW

shell32

DragQueryFileW
SHCreateProcessAsUserW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHGetDiskFreeSpaceA
WOWShellExecute
Shell_NotifyIconW
SHPathPrepareForWriteA
SHGetDataFromIDListA
DragQueryFileA
SHAddToRecentDocs
SHGetDiskFreeSpaceExA
ShellExecuteExW
SHGetFolderPathW
SHQueryRecycleBinA
ShellExecuteEx
SHAppBarMessage
DoEnvironmentSubstW
SHLoadInProc
SHLoadNonloadedIconOverlayIdentifiers
DuplicateIcon
ExtractIconExW
SHBrowseForFolder
SHGetSettings
SHGetIconOverlayIndexW
SHFileOperationW
SHBrowseForFolderA
SHFreeNameMappings
ShellExecuteW
SHGetFileInfoA
SHBrowseForFolderW
DoEnvironmentSubstA
SHFormatDrive
SHIsFileAvailableOffline
ExtractAssociatedIconW
SHCreateDirectoryExA
ExtractAssociatedIconA
SHGetFolderLocation
SHGetFileInfo
ExtractAssociatedIconExW
SHCreateDirectoryExW
SHGetPathFromIDListA
CommandLineToArgvW
ShellAboutW
ShellHookProc
DragQueryPoint
Shell_NotifyIconA
DragQueryFile
SHGetDataFromIDListW
ExtractIconExA
SHGetDesktopFolder
CheckEscapesW
SHGetSpecialFolderPathA
SHInvokePrinterCommandA
SHQueryRecycleBinW

shlwapi

StrRStrIW
StrChrIA
StrStrW
StrRChrIA
StrStrIA
StrCmpNIW
StrCmpNW
StrChrW
StrRChrA
StrChrIW
StrRStrIA
StrCmpNA
StrChrA
StrCmpNIA
StrStrA

Sections

.text
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbfe351f08b236ab7a9b727e9fb0fc78

Code Sign

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6aCertificate

Extended Key Usages

0f:dd:42:20:36:0c:d9:60:af:32:6d:6d:bf:4e:53:13:24:f9:b3:76Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

Sections

.text Size: 265KB - Virtual size: 264KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6a
Certificate

0f:dd:42:20:36:0c:d9:60:af:32:6d:6d:bf:4e:53:13:24:f9:b3:76
Signer

.text
Size: 265KB - Virtual size: 264KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB