a58809f2c18bb9aeb9143b50d94e1af7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a58809f2c18bb9aeb9143b50d94e1af7_JaffaCakes118
Size

54KB
MD5

a58809f2c18bb9aeb9143b50d94e1af7
SHA1

bdb8d0d52fc35f113126bb449543173445f27852
SHA256

34606bb6b8ef655d919d2ecbd04e33482f5ce89d737d7549d266a7a5e85afeca
SHA512

767a5165bd1afdaf5ed3e5757d8761c424b9c0b298d916d6e33dbabea21179331d49a3fd215f6ea2ccb85f03a8df8a9e51e6853d5533d3418eb226d77ad60d3d
SSDEEP

768:9waKSUbJUNgJYoTq7veFU2O5yBBnHSDgZJ6WzssO+wcSDPnGMEaOEpbp4m:yavUbJQoTqDeFXQAUgZrGDvlE8Z

Score

1^/10

Malware Config

Signatures

Files

a58809f2c18bb9aeb9143b50d94e1af7_JaffaCakes118
.dll windows:5 windows x86 arch:x86

13ad15ef2afd0a1ffbf1e1f97761291f

Code Sign

6f:d3:14:21:fd:4c:bd:77:b1:80:da:40:55:e1:f4:75
Certificate

Issuer

CN=etyy inc

Not Before

22/01/2012, 08:05

Not After

31/12/2039, 23:59

Subject

CN=etyy inc

Extended Key Usages

ExtKeyUsageCodeSigning

5e:f2:63:5d:dd:f8:6b:52:e9:30:60:7d:ed:bf:7e:88:23:4f:79:74
Signer

Actual PE Digest

5e:f2:63:5d:dd:f8:6b:52:e9:30:60:7d:ed:bf:7e:88:23:4f:79:74

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileW
lstrcatW
GetWindowsDirectoryW
GetProcessHeap
LoadLibraryA
GetProcAddress
GetSystemInfo
AddAtomW
BackupSeek
CancelWaitableTimer
CompareStringW
CopyFileExW
CreateDirectoryExA
CreateFileA
CreateHardLinkW
CreateNamedPipeA
CreatePipe
DebugBreak
DefineDosDeviceA
DeleteFileA
DnsHostnameToComputerNameW
EnumCalendarInfoA
EnumResourceLanguagesA
FileTimeToDosDateTime
FillConsoleOutputCharacterW
FindFirstChangeNotificationW
FindFirstFileExW
FindNextChangeNotification
FindNextVolumeA
FindVolumeMountPointClose
FlushConsoleInputBuffer
GetCPInfoExW
GetCommProperties
GetCommandLineA
GetCompressedFileSizeA
GetConsoleAliasW
GetConsoleAliasesA
GetConsoleCP
GetConsoleDisplayMode
GetConsoleTitleW
GetCurrencyFormatA
GetCurrentProcess
GetCurrentThread
GetDiskFreeSpaceW
GetFileSizeEx
GetFullPathNameA
GetLocaleInfoW
GetLogicalDriveStringsA
GetModuleHandleW
GetNumberFormatA
GetPrivateProfileSectionA
GetPrivateProfileStringA
GetProcessHeaps
GetProcessTimes
GetProfileIntW
GetSystemDefaultLangID
GetSystemTimeAdjustment
GetSystemWindowsDirectoryW
GetTimeZoneInformation
GetUserDefaultUILanguage
GetVolumeNameForVolumeMountPointW
GlobalMemoryStatusEx
GlobalReAlloc
GlobalSize
HeapDestroy
InitAtomTable
InitializeCriticalSection
IsBadHugeReadPtr
IsDebuggerPresent
IsSystemResumeAutomatic
LocalShrink
MapUserPhysicalPagesScatter
Module32NextW
MoveFileA
MoveFileExW
OpenProcess
OpenSemaphoreA
PeekConsoleInputA
PeekNamedPipe
PurgeComm
ReadDirectoryChangesW
ReadFileEx
ReplaceFile
SetConsoleCursorInfo
SetConsoleScreenBufferSize
SetEnvironmentVariableA
SetEvent
SetFileAttributesA
SetSystemPowerState
SetThreadLocale
SwitchToThread
TerminateThread
TlsSetValue
TryEnterCriticalSection
VerLanguageNameW
VirtualProtect
WaitNamedPipeA
WritePrivateProfileSectionW
lstrcmpi
lstrcpynW

user32

AdjustWindowRect
AnyPopup
BringWindowToTop
CharPrevW
CharToOemBuffA
ClientToScreen
CreateDesktopA
CreateDesktopW
CreateMDIWindowW
CreateWindowExW
DdeCmpStringHandles
DdeQueryStringW
DdeSetUserHandle
DefFrameProcA
DeferWindowPos
DialogBoxIndirectParamA
DlgDirSelectComboBoxExW
DragDetect
DragObject
DrawFrameControl
DrawStateA
EnableMenuItem
EnableScrollBar
EnumDisplaySettingsExA
EnumDisplaySettingsW
EnumWindowStationsA
FindWindowA
GetAncestor
GetClassInfoExA
GetClassInfoW
GetClassLongA
GetClassNameW
GetClipboardFormatNameW
GetDC
GetDialogBaseUnits
GetDlgItem
GetIconInfo
GetKeyNameTextA
GetMenuItemRect
GetNextDlgTabItem
GetUpdateRect
GetWindow
GetWindowLongW
GetWindowModuleFileNameA
GetWindowPlacement
GetWindowRgn
GetWindowThreadProcessId
GetWindowWord
GrayStringA
HideCaret
IMPGetIMEA
InternalGetWindowText
InvalidateRect
IsCharUpperA
IsDialogMessageW
IsWindowUnicode
LoadBitmapA
LoadCursorA
LoadIconA
LoadKeyboardLayoutW
LockWindowUpdate
MapVirtualKeyExW
ModifyMenuW
MsgWaitForMultipleObjectsEx
OpenDesktopA
RegisterDeviceNotificationA
ReuseDDElParam
ScrollWindow
SendDlgItemMessageW
SendIMEMessageExW
SendMessageCallbackA
SendNotifyMessageW
SetClassLongA
SetClipboardData
SetDoubleClickTime
SetFocus
SetForegroundWindow
SetLastErrorEx
SetMessageExtraInfo
SetRect
SetScrollPos
SetThreadDesktop
SetTimer
SetUserObjectSecurity
SetWindowLongW
ShowWindowAsync
SubtractRect
SwitchToThisWindow
TabbedTextOutA
TrackPopupMenu
UnloadKeyboardLayout
mouse_event

ole32

BindMoniker
CLIPFORMAT_UserMarshal
CLIPFORMAT_UserSize
CLIPFORMAT_UserUnmarshal
CoAddRefServerProcess
CoAllowSetForegroundWindow
CoCancelCall
CoFileTimeNow
CoFreeAllLibraries
CoGetCallContext
CoGetCancelObject
CoGetCurrentLogicalThreadId
CoGetCurrentProcess
CoGetInterfaceAndReleaseStream
CoIsOle1Class
CoLockObjectExternal
CoMarshalHresult
CoMarshalInterface
CoQueryProxyBlanket
CoReactivateObject
CoRegisterClassObject
CoRegisterMessageFilter
CoRegisterSurrogate
CoRegisterSurrogateEx
CoRevokeMallocSpy
CoSetCancelObject
CoTreatAsClass
CoUnmarshalInterface
CoWaitForMultipleHandles
CreateAntiMoniker
CreateClassMoniker
CreateFileMoniker
CreateILockBytesOnHGlobal
DllDebugObjectRPCHook
FreePropVariantArray
GetConvertStg
GetHGlobalFromStream
HACCEL_UserMarshal
HACCEL_UserUnmarshal
HBITMAP_UserFree
HBITMAP_UserMarshal
HBITMAP_UserSize
HBITMAP_UserUnmarshal
HBRUSH_UserUnmarshal
HDC_UserUnmarshal
HGLOBAL_UserFree
HICON_UserUnmarshal
HMETAFILE_UserMarshal
HMETAFILE_UserUnmarshal
HPALETTE_UserUnmarshal
HWND_UserUnmarshal
MkParseDisplayName
MonikerCommonPrefixWith
OleCreateDefaultHandler
OleCreateEx
OleCreateFromData
OleCreateFromFileEx
OleCreateLinkEx
OleCreateLinkToFileEx
OleCreateMenuDescriptor
OleGetAutoConvert
OleGetClipboard
OleInitializeWOW
OleLoad
OleQueryCreateFromData
OleRegEnumVerbs
OleSave
OleSetMenuDescriptor
OleTranslateAccelerator
OleUninitialize
OpenOrCreateStream
ReadClassStg
RegisterDragDrop
SNB_UserMarshal
SNB_UserUnmarshal
STGMEDIUM_UserMarshal
StgCreateDocfile
StgCreateStorageEx
StgOpenStorageOnILockBytes
UpdateDCOMSettings
WdtpInterfacePointer_UserFree
WriteClassStg
WriteStringStream

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13ad15ef2afd0a1ffbf1e1f97761291f

Code Sign

6f:d3:14:21:fd:4c:bd:77:b1:80:da:40:55:e1:f4:75Certificate

Extended Key Usages

5e:f2:63:5d:dd:f8:6b:52:e9:30:60:7d:ed:bf:7e:88:23:4f:79:74Signer

Headers

File Characteristics

Imports

kernel32

user32

ole32

Sections

.text Size: 31KB - Virtual size: 31KB

.data Size: 512B - Virtual size: 540B

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 2KB - Virtual size: 1KB

6f:d3:14:21:fd:4c:bd:77:b1:80:da:40:55:e1:f4:75
Certificate

5e:f2:63:5d:dd:f8:6b:52:e9:30:60:7d:ed:bf:7e:88:23:4f:79:74
Signer

.text
Size: 31KB - Virtual size: 31KB

.data
Size: 512B - Virtual size: 540B

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 2KB - Virtual size: 1KB