a15c3d024d246368a59c5e9f4a9809af_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a15c3d024d246368a59c5e9f4a9809af_JaffaCakes118
Size

76KB
MD5

a15c3d024d246368a59c5e9f4a9809af
SHA1

0ea775c53e5d4480e655c90482825c35c3215cda
SHA256

86a1f9527e3ea4db832d319555bef0369277e575f8f40a33e05885b75a31d835
SHA512

6d4f0724fd9cd1d962ae09723ef3679e3ad8e39f1d6e1ab53d3c5eee24ccd93946c38a634347d86e65dbbcbb19bd1d90ea98ab0763498c6da6f1ce53ae1a1541
SSDEEP

1536:W4h9j/NSNvzYhEtVp7hgfxHJQIER94Tpo9S998hPBw:WW9RSNbmWVp7hgf3DER94Ti9tPBw

Score

1^/10

Malware Config

Signatures

Files

a15c3d024d246368a59c5e9f4a9809af_JaffaCakes118
.exe windows:5 windows x86 arch:x86

27c356765b9ab8092cbb8eb7c6552602

Code Sign

59:52:4b:90:0c:c6:56:79:b9:60:98:70:86:d7:5b:4e
Certificate

Issuer

CN=qw34t123tc125c1

Not Before

22/02/2012, 06:51

Not After

31/12/2039, 23:59

Subject

CN=qw34t123tc125c1

Extended Key Usages

ExtKeyUsageCodeSigning

9d:36:cd:66:03:a6:4f:08:d3:2e:8d:78:ef:7a:af:50:21:d9:02:00
Signer

Actual PE Digest

9d:36:cd:66:03:a6:4f:08:d3:2e:8d:78:ef:7a:af:50:21:d9:02:00

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
GetProcAddress
LoadLibraryA
VirtualAlloc
GetWindowsDirectoryW

user32

DdeClientTransaction
DdeConnect
DdeDisconnectList
DdeGetLastError
DdeImpersonateClient
DdeReconnect
DefDlgProcA
DefWindowProcW
DeferWindowPos
DestroyAcceleratorTable
DialogBoxParamA
DlgDirListComboBoxA
DlgDirListW
DrawIconEx
EndTask
EnumClipboardFormats
EnumDesktopsA
EnumDisplaySettingsA
EnumDisplaySettingsExW
EnumDisplaySettingsW
EqualRect
ExcludeUpdateRgn
ExitWindowsEx
FillRect
FindWindowExA
FindWindowW
FlashWindowEx
FrameRect
GetActiveWindow
GetClassInfoExW
GetClassNameA
GetClipCursor
GetDC
GetDCEx
GetDlgItemInt
GetDlgItemTextA
GetDlgItemTextW
GetFocus
GetGUIThreadInfo
GetIconInfo
GetKeyboardLayout
GetKeyboardLayoutNameW
GetKeyboardType
GetMenuContextHelpId
GetMenuInfo
GetMenuItemID
GetMenuItemInfoA
GetMenuItemInfoW
GetMessageExtraInfo
GetMessageTime
GetMessageW
GetNextDlgGroupItem
GetParent
GetQueueStatus
GetScrollBarInfo
GetSystemMenu
DdeAddData
GetUserObjectInformationA
GetWindowLongA
GetWindowModuleFileNameA
GetWindowTextA
GetWindowTextW
IMPSetIMEW
InSendMessageEx
InflateRect
InvalidateRgn
IsCharAlphaNumericW
IsClipboardFormatAvailable
IsDlgButtonChecked
IsRectEmpty
IsWindowEnabled
IsWindowVisible
LoadAcceleratorsA
LoadBitmapW
LoadCursorFromFileA
LoadImageA
LoadKeyboardLayoutW
MapVirtualKeyA
MapVirtualKeyExA
MessageBeep
ModifyMenuA
MonitorFromRect
MsgWaitForMultipleObjects
OpenDesktopA
RealGetWindowClass
RegisterClassA
RegisterClipboardFormatW
RegisterDeviceNotificationW
SendIMEMessageExA
SendMessageTimeoutW
SendMessageW
SetActiveWindow
SetCaretBlinkTime
SetCaretPos
SetCursor
SetDlgItemTextW
SetLastErrorEx
SetMenu
SetMenuItemBitmaps
SetProcessDefaultLayout
SetProcessWindowStation
SetShellWindow
SetWindowTextA
SetWindowTextW
SetWindowWord
SetWindowsHookExA
ShowOwnedPopups
TabbedTextOutA
ToUnicodeEx
TrackMouseEvent
UnionRect
UnregisterClassW
UnregisterDeviceNotification
WINNLSEnableIME
WINNLSGetEnableStatus
wsprintfW
wvsprintfW
DdeAbandonTransaction
CreateMenu
CreateMDIWindowW
CreateIcon
CreateDialogIndirectParamW
CreateAcceleratorTableW
CountClipboardFormats
CharUpperBuffW
CharToOemW
CharLowerBuffA
CharLowerA
ChangeMenuW
ChangeDisplaySettingsA
CascadeChildWindows
CallNextHookEx
CallMsgFilterA
CallMsgFilter
BroadcastSystemMessageW
BroadcastSystemMessageA
BeginPaint
AdjustWindowRect
GetSystemMetrics

comdlg32

ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
ChooseColorA

ole32

CLSIDFromProgID
CLSIDFromProgIDEx
CoAllowSetForegroundWindow
CoBuildVersion
CoCreateInstance
CoDisconnectObject
CoFileTimeNow
CoFreeAllLibraries
CoGetCallContext
CoGetCancelObject
CoGetClassObject
CoGetCurrentLogicalThreadId
CoGetCurrentProcess
CoGetMarshalSizeMax
CoGetObject
CoGetObjectContext
CoGetStandardMarshal
CoGetTreatAsClass
CoInitialize
CoInitializeSecurity
CoInitializeWOW
CoMarshalHresult
CoQueryAuthenticationServices
CoRegisterChannelHook
CoRegisterMessageFilter
CoRegisterSurrogate
CoRegisterSurrogateEx
CoReleaseServerProcess
CoRevokeMallocSpy
CoSetProxyBlanket
CoSwitchCallContext
CoTaskMemAlloc
CoTaskMemFree
CoTreatAsClass
CoUnloadingWOW
CoUnmarshalInterface
CreateAntiMoniker
CreateDataCache
CreateGenericComposite
CreateILockBytesOnHGlobal
CreateObjrefMoniker
CreateOleAdviseHolder
CreatePointerMoniker
CreateStdProgressIndicator
FmtIdToPropStgName
FreePropVariantArray
GetConvertStg
GetDocumentBitStg
GetHGlobalFromILockBytes
GetRunningObjectTable
HACCEL_UserMarshal
HACCEL_UserUnmarshal
HBITMAP_UserFree
HBITMAP_UserMarshal
HBRUSH_UserFree
HDC_UserFree
HENHMETAFILE_UserMarshal
HENHMETAFILE_UserSize
HGLOBAL_UserMarshal
HGLOBAL_UserUnmarshal
HICON_UserMarshal
HMENU_UserFree
HMENU_UserMarshal
HMENU_UserSize
HMETAFILE_UserFree
HMETAFILE_UserSize
HMETAFILE_UserUnmarshal
HPALETTE_UserFree
HWND_UserMarshal
OleCreateDefaultHandler
OleCreateEmbeddingHelper
OleCreateFromDataEx
OleCreateLinkEx
OleCreateLinkFromDataEx
OleCreateLinkToFile
OleCreateMenuDescriptor
OleCreateStaticFromData
OleDraw
OleGetIconOfClass
OleInitializeWOW
OleIsRunning
OleMetafilePictFromIconAndLabel
OleNoteObjectVisible
OleQueryCreateFromData
OleQueryLinkFromData
OleRegGetUserType
OleSave
OleSaveToStream
OleSetClipboard
OleUninitialize
OpenOrCreateStream
PropVariantCopy
ReadFmtUserTypeStg
ReadStringStream
RegisterDragDrop
RevokeDragDrop
SNB_UserFree
SNB_UserMarshal
SNB_UserSize
STGMEDIUM_UserFree
STGMEDIUM_UserSize
STGMEDIUM_UserUnmarshal
StgConvertPropertyToVariant
StgCreateDocfile
StgCreateDocfileOnILockBytes
StgCreatePropStg
StgCreateStorageEx
StgGetIFillLockBytesOnFile
StgGetIFillLockBytesOnILockBytes
StgOpenPropStg
StgOpenStorage
StgOpenStorageOnILockBytes
StgPropertyLengthAsVariant
StgSetTimes
StringFromIID
UtConvertDvtd32toDvtd16
UtGetDvtd32Info
WdtpInterfacePointer_UserSize
WriteClassStg
WriteClassStm
WriteOleStg

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text6
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text7
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27c356765b9ab8092cbb8eb7c6552602

Code Sign

59:52:4b:90:0c:c6:56:79:b9:60:98:70:86:d7:5b:4eCertificate

Extended Key Usages

9d:36:cd:66:03:a6:4f:08:d3:2e:8d:78:ef:7a:af:50:21:d9:02:00Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

Sections

.text Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 620B

.text6 Size: 2KB - Virtual size: 1KB

.text7 Size: 1024B - Virtual size: 1000B

.text5 Size: 57KB - Virtual size: 56KB

.reloc Size: 2KB - Virtual size: 1KB

59:52:4b:90:0c:c6:56:79:b9:60:98:70:86:d7:5b:4e
Certificate

9d:36:cd:66:03:a6:4f:08:d3:2e:8d:78:ef:7a:af:50:21:d9:02:00
Signer

.text
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 620B

.text6
Size: 2KB - Virtual size: 1KB

.text7
Size: 1024B - Virtual size: 1000B

.text5
Size: 57KB - Virtual size: 56KB

.reloc
Size: 2KB - Virtual size: 1KB