a0043856ffc36ed6634fb7a66f35646a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a0043856ffc36ed6634fb7a66f35646a_JaffaCakes118
Size

426KB
MD5

a0043856ffc36ed6634fb7a66f35646a
SHA1

671960f487e7e23cb8c61c03671191d7584fe7b2
SHA256

01c89d185cea939cb3c61c505649fe1a4dca48d6c4a91e43ebd4fc47f877bdeb
SHA512

90bd12dcdc8502541b5b106b9fef32cd6f96536adc897b73496af09d71d76e5fe9e30fedf565f4c39392a1d6232b5d6fbef7f180b8b16356e46097cfab9d370c
SSDEEP

12288:3Sy56eXTvaf4vwO34x/4GiuGRqz7Ee8PxO6w:3SGXTvafKwcGARqzIe8JZw

Score

1^/10

Malware Config

Signatures

Files

a0043856ffc36ed6634fb7a66f35646a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4e39ad497c752f36c5d7414955375497

Code Sign

5d:4a:da:8d:c6:ba:dd:54:bd:3b:19:a4:04:3e:d1:fe
Certificate

Issuer

CN=mdiwtpfstwx

Not Before

29/01/2012, 12:37

Not After

31/12/2039, 23:59

Subject

CN=Gasqipo

92:0b:dc:08:ba:fe:a3:6a:f3:7a:c6:36:52:51:44:15:52:b3:df:0e
Signer

Actual PE Digest

92:0b:dc:08:ba:fe:a3:6a:f3:7a:c6:36:52:51:44:15:52:b3:df:0e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowOwnedPopups
ChildWindowFromPointEx
GetDlgCtrlID
EndDeferWindowPos
EnumWindows
DefDlgProcA
MessageBoxExA
IsWindowUnicode
SetWindowPos
GetDlgItemInt
CloseWindow
BringWindowToTop
CreateDialogIndirectParamA
SetParent
DeferWindowPos

ole32

OleCreateLinkFromDataEx
CLSIDFromString
OleCreateLinkToFile
OleCreate
OleFlushClipboard
CoTaskMemFree
GetRunningObjectTable
PropVariantClear
StgIsStorageILockBytes
CreateStreamOnHGlobal
CoUnmarshalInterface
OleSetContainedObject
StgCreatePropSetStg
CoMarshalHresult

oledlg

ord12
ord1
ord7
ord2
ord10
ord6
ord11
ord8
ord4
ord5
ord9
ord3

advapi32

RegConnectRegistryA
RegSetValueA
RegRestoreKeyA
RegEnumValueA
RegUnLoadKeyA
RegCloseKey
RegDeleteKeyA

kernel32

GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
GetModuleHandleA
GetStringTypeW
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
GetProcAddress
GetStartupInfoA
GetStringTypeA
SetLastError
GetProcessHeap
QueryPerformanceCounter
TlsAlloc
LocalHandle
OpenSemaphoreA
VirtualAllocEx
DeleteCriticalSection
CreateMutexA
CompareStringA
CreateEventA
GlobalUnlock
GetUserDefaultLCID
GetProfileSectionA
WritePrivateProfileStringA
WritePrivateProfileStructA
GetProfileIntA
GetProfileStringA
GetPrivateProfileStructA
GetPrivateProfileStringA
GetPrivateProfileSectionA
LCMapStringW
LCMapStringA
MultiByteToWideChar

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e39ad497c752f36c5d7414955375497

Code Sign

5d:4a:da:8d:c6:ba:dd:54:bd:3b:19:a4:04:3e:d1:feCertificate

92:0b:dc:08:ba:fe:a3:6a:f3:7a:c6:36:52:51:44:15:52:b3:df:0eSigner

Headers

File Characteristics

Imports

user32

ole32

oledlg

advapi32

kernel32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 404KB - Virtual size: 404KB

.data Size: 512B - Virtual size: 83KB

.rsrc Size: 5KB - Virtual size: 5KB

5d:4a:da:8d:c6:ba:dd:54:bd:3b:19:a4:04:3e:d1:fe
Certificate

92:0b:dc:08:ba:fe:a3:6a:f3:7a:c6:36:52:51:44:15:52:b3:df:0e
Signer

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 404KB - Virtual size: 404KB

.data
Size: 512B - Virtual size: 83KB

.rsrc
Size: 5KB - Virtual size: 5KB