a84a9bd4c0a152e80d4f2d0a91a7bcab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a84a9bd4c0a152e80d4f2d0a91a7bcab_JaffaCakes118
Size

180KB
MD5

a84a9bd4c0a152e80d4f2d0a91a7bcab
SHA1

ad3bdad2dcc095604004b4d12772e60844317ff2
SHA256

2528d272785d2bf3b06ac65e79cc887ae8b763b35c47a37a3c1d66b99921b946
SHA512

e526e8e3be4200ea9b855634ea7ae6a671ec4a9c7ad7450d502eb49ec23e236a8ca8a17230ba1e74484e9035253c5acff5bf8a5200c3a7ddeaa5e763d4e1bab0
SSDEEP

3072:dL5xdoLT7jcBwcvDjPyrlfAS+3Js6zT5IXR3fB:dXdkczSfn+3Tz+pB

Score

1^/10

Malware Config

Signatures

Files

a84a9bd4c0a152e80d4f2d0a91a7bcab_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

0f34232f88485bb268b1350b1bde5488

Code Sign

7c:ec:e0:2f:9e:e8:78:47:b1:00:78:e4:10:2c:f2:c7
Certificate

Issuer

CN=BMW,O=BMW,L=Hamburg,C=DE,1.2.840.113549.1.9.1=#0c0e737570706f727440626d772e6465

Not Before

17/01/2012, 00:00

Not After

17/01/2014, 23:59

Subject

CN=BMW,O=BMW,L=Hamburg,C=DE,1.2.840.113549.1.9.1=#0c0e737570706f727440626d772e6465

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
FreeLibrary
lstrlenA
lstrcmpiA
MultiByteToWideChar
IsDBCSLeadByte
lstrlenW
GetLastError
LoadLibraryExA
CloseHandle
LoadLibraryA
GetProcAddress
CreateThread
CreateDirectoryA
ExpandEnvironmentStringsA
GetFileAttributesA
CreateFileA
SetFilePointer
GetSystemTime
GetTimeFormatA
WriteFile
GetVersionExA
GetModuleFileNameA
RaiseException
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
GetModuleHandleA
WideCharToMultiByte
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
VirtualProtect
VirtualAlloc
GetModuleHandleW
GetSystemInfo
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
Sleep
ExitProcess
VirtualFree
HeapCreate
GetStdHandle
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW

user32

CharNextA

advapi32

RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegCloseKey
RegDeleteKeyA
RegQueryValueExA

shell32

SHGetSpecialFolderPathA

ole32

CoTaskMemAlloc
CoCreateInstance
CoGetClassObject
CoInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc

oleaut32

SafeArrayUnlock
SafeArrayDestroy
DispCallFunc
VariantInit
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetVartype
LoadTypeLi
LoadRegTypeLi
SysFreeString
SysStringLen
VariantClear
VariantCopy
VarUI4FromStr
SafeArrayLock

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f34232f88485bb268b1350b1bde5488

Code Sign

7c:ec:e0:2f:9e:e8:78:47:b1:00:78:e4:10:2c:f2:c7Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 8KB - Virtual size: 27KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 11KB

7c:ec:e0:2f:9e:e8:78:47:b1:00:78:e4:10:2c:f2:c7
Certificate

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 8KB - Virtual size: 27KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 11KB