a5da935323f34564556696b32655d6c2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a5da935323f34564556696b32655d6c2_JaffaCakes118
Size

204KB
MD5

a5da935323f34564556696b32655d6c2
SHA1

6c453e2daa3a6a0e481c411c5528edc03b7f3ee7
SHA256

385103f0f9b3592583505855fce0f6487b2e565e205900209a5bd3f5341d793f
SHA512

cc25a6f9a91b94d5d641a3bf46e1ab04a2c22183938570c01fd1bcb85f57f26bb0619ad8874d5a8cb392546355cbc6bb96acb93e1dbc256876c4a8fabb90fa0d
SSDEEP

3072:gIy1CLzn5SMGyIjH9PRnv6z9yhBMhHfNKN5cBWynXf3u9T/TEdSD2TwRCZRzcGqU:g7MLBOdJnBUl25cBWi3wsdSDGwgbF

Score

1^/10

Malware Config

Signatures

Files

a5da935323f34564556696b32655d6c2_JaffaCakes118
.dll windows:5 windows x86 arch:x86

6be73745dde5868e3fd1d333792dd799

Code Sign

07:c3:94:9e:10:f8:5a:9d:47:0d:6c:e0:f3:4b:d0:d8
Certificate

Issuer

CN=XEIj0jUsp4Ey72L

Not Before

10/04/2012, 05:43

Not After

31/12/2039, 23:59

Subject

CN=XEIj0jUsp4Ey72L

Extended Key Usages

ExtKeyUsageCodeSigning

fd:83:5c:49:32:bb:5f:bf:10:51:b9:1d:b3:45:de:d6:74:d8:b0:cb
Signer

Actual PE Digest

fd:83:5c:49:32:bb:5f:bf:10:51:b9:1d:b3:45:de:d6:74:d8:b0:cb

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryW
VirtualAlloc
AddConsoleAliasW
AllocConsole
Beep
BeginUpdateResourceW
CallNamedPipeW
CancelWaitableTimer
ConvertThreadToFiber
CreateConsoleScreenBuffer
CreateDirectoryExW
CreateDirectoryW
CreateEventA
CreateMutexA
CreateSemaphoreA
CreateSemaphoreW
DeleteCriticalSection
DeleteTimerQueueTimer
DeleteVolumeMountPointA
DeleteVolumeMountPointW
DnsHostnameToComputerNameA
DosDateTimeToFileTime
EndUpdateResourceA
EnumLanguageGroupLocalesA
EnumSystemCodePagesA
EnumSystemLocalesW
EnumTimeFormatsW
EraseTape
ExitThread
FatalAppExitA
FillConsoleOutputCharacterA
FlushViewOfFile
FreeConsole
FreeEnvironmentStringsW
FreeLibrary
FreeResource
FreeUserPhysicalPages
GetBinaryTypeA
GetCPInfoExW
GetCommTimeouts
GetCompressedFileSizeW
GetComputerNameA
GetDateFormatA
GetDiskFreeSpaceA
GetDriveTypeW
GetFileTime
GetModuleHandleW
GetNumberOfConsoleInputEvents
GetOverlappedResult
GetPriorityClass
GetPrivateProfileSectionNamesA
GetProcessIoCounters
GetShortPathNameA
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTime
GetThreadPriorityBoost
GetTimeZoneInformation
GetVolumePathNameA
GetWindowsDirectoryA
GlobalHandle
GlobalUnlock
InterlockedCompareExchange
IsBadCodePtr
IsBadStringPtrW
LocalHandle
LocalLock
Module32Next
MulDiv
OpenEventW
OpenJobObjectA
OpenSemaphoreA
OpenThread
PurgeComm
QueryDosDeviceW
ReplaceFile
RequestWakeupLatency
ResetEvent
ResumeThread
RtlZeroMemory
SetCommBreak
SetCommState
SetComputerNameA
SetConsoleCursorInfo
SetConsoleTitleA
SetCurrentDirectoryW
SetDefaultCommConfigA
SetEvent
SetFilePointerEx
SetLocaleInfoA
SetMailslotInfo
SetNamedPipeHandleState
SetSystemTime
SetThreadExecutionState
SetTimerQueueTimer
SetUnhandledExceptionFilter
SetVolumeMountPointA
SetWaitableTimer
TlsAlloc
UpdateResourceA
VirtualAllocEx
VirtualProtect
VirtualQueryEx
WaitForDebugEvent
WaitForSingleObject
WaitNamedPipeA
WriteConsoleOutputA
WriteFileGather
WritePrivateProfileSectionA
_lclose
lstrcatA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
IsDebuggerPresent

user32

BroadcastSystemMessageA
CallWindowProcA
CascadeChildWindows
ChangeClipboardChain
ChangeDisplaySettingsA
ChangeDisplaySettingsExA
ChangeDisplaySettingsW
ChangeMenuA
CharLowerW
CharPrevW
CharToOemW
CharUpperBuffA
CheckDlgButton
CheckMenuItem
ChildWindowFromPoint
ClipCursor
CloseWindow
CloseWindowStation
CopyAcceleratorTableW
CopyIcon
CreateAcceleratorTableW
CreateCursor
CreateDesktopA
CreateDialogIndirectParamA
CreateDialogParamA
CreateDialogParamW
CreateIconFromResource
CreateIconIndirect
CreateWindowStationW
DdeAddData
DdeClientTransaction
DdeCreateDataHandle
DdeDisconnect
DdeEnableCallback
DdeFreeDataHandle
DdeGetData
DdeInitializeW
DdeKeepStringHandle
DdePostAdvise
DdeQueryConvInfo
DdeQueryNextServer
DdeQueryStringA
DdeReconnect
DdeSetUserHandle
DdeUnaccessData
DdeUninitialize
DefFrameProcA
DefWindowProcA
DefWindowProcW
DeregisterShellHookWindow
DestroyCaret
DestroyIcon
DestroyMenu
DialogBoxIndirectParamW
DialogBoxParamA
DialogBoxParamW
DlgDirSelectExA
DlgDirSelectExW
DragDetect
DragObject
DrawAnimatedRects
DrawCaption
BlockInput
DrawTextExW
EmptyClipboard
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndDialog
EndMenu
EnumDesktopWindows
EnumDesktopsA
EnumDisplayDevicesA
EnumDisplaySettingsExA
EnumDisplaySettingsW
EnumPropsA
EnumPropsExW
EnumPropsW
EnumThreadWindows
EnumWindowStationsW
ExitWindowsEx
FindWindowExA
FindWindowExW
FreeDDElParam
GetActiveWindow
GetAltTabInfo
GetAltTabInfoW
GetAsyncKeyState
GetCapture
GetCaretPos
GetClassInfoA
GetClassNameA
GetClassWord
GetClipboardData
GetClipboardOwner
GetComboBoxInfo
GetCursor
GetDCEx
GetDesktopWindow
GetDialogBaseUnits
GetFocus
GetGUIThreadInfo
GetIconInfo
GetInputDesktop
GetInputState
GetKBCodePage
GetKeyNameTextW
GetKeyboardState
GetLastInputInfo
GetMenuBarInfo
GetMenuCheckMarkDimensions
GetMenuItemInfoA
GetMenuStringA
GetMessageExtraInfo
GetMessagePos
GetMonitorInfoW
GetNextDlgTabItem
GetOpenClipboardWindow
GetPriorityClipboardFormat
GetProcessWindowStation
GetPropW
GetQueueStatus
GetScrollBarInfo
GetSubMenu
GetSysColor
GetSystemMetrics
GetThreadDesktop
GetTitleBarInfo
GetTopWindow
GetUpdateRgn
GetUserObjectInformationA
GetWindow
GetWindowModuleFileNameA
GetWindowPlacement
GetWindowTextA
GetWindowTextW
GetWindowThreadProcessId
IMPGetIMEA
IMPGetIMEW
IMPQueryIMEA
IMPSetIMEW
InsertMenuW
InternalGetWindowText
InvalidateRect
InvalidateRgn
InvertRect
IsCharAlphaA
IsCharAlphaNumericW
IsCharLowerA
IsChild
IsDialogMessageA
IsDialogMessageW
IsHungAppWindow
IsIconic
KillTimer
LoadAcceleratorsW
LoadBitmapA
LoadBitmapW
LoadCursorW
LoadImageA
LoadKeyboardLayoutA
LoadMenuIndirectW
LoadMenuW
LoadStringA
LookupIconIdFromDirectory
LookupIconIdFromDirectoryEx
MapVirtualKeyExA
MapVirtualKeyExW
MessageBoxExA
MessageBoxExW
MessageBoxW
MoveWindow
MsgWaitForMultipleObjectsEx
OemKeyScan
OemToCharBuffA
OpenDesktopA
OpenDesktopW
OpenWindowStationW
PostMessageA
PostMessageW
PostThreadMessageA
RedrawWindow
RegisterClassExA
RegisterClipboardFormatA
RegisterHotKey
RegisterWindowMessageA
ReleaseDC
RemoveMenu
ReuseDDElParam
ScreenToClient
SendDlgItemMessageW
SendIMEMessageExW
SendInput
SendMessageA
SendMessageCallbackW
SetCapture
SetClassLongW
SetCursor
SetCursorPos
SetDeskWallpaper
SetLayeredWindowAttributes
SetMenu
SetProcessWindowStation
SetPropA
SetRectEmpty
SetScrollInfo
SetShellWindow
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowWord
SetWindowsHookExW
ShowCaret
ShowScrollBar
ShowWindow
ShowWindowAsync
SubtractRect
SwitchDesktop
SystemParametersInfoA
TabbedTextOutW
ToAscii
ToAsciiEx
TranslateAcceleratorA
TranslateMessage
UnhookWindowsHook
UnionRect
UnregisterDeviceNotification
UpdateLayeredWindow
UpdateWindow
UserHandleGrantAccess
ValidateRect
ValidateRgn
VkKeyScanExA
VkKeyScanW
WinHelpA
WindowFromDC
WindowFromPoint
keybd_event
AppendMenuA
AnyPopup
AdjustWindowRectEx
ActivateKeyboardLayout
DrawTextExA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6be73745dde5868e3fd1d333792dd799

Code Sign

07:c3:94:9e:10:f8:5a:9d:47:0d:6c:e0:f3:4b:d0:d8Certificate

Extended Key Usages

fd:83:5c:49:32:bb:5f:bf:10:51:b9:1d:b3:45:de:d6:74:d8:b0:cbSigner

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 184KB - Virtual size: 184KB

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 2KB - Virtual size: 2KB

07:c3:94:9e:10:f8:5a:9d:47:0d:6c:e0:f3:4b:d0:d8
Certificate

fd:83:5c:49:32:bb:5f:bf:10:51:b9:1d:b3:45:de:d6:74:d8:b0:cb
Signer

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 184KB - Virtual size: 184KB

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 2KB - Virtual size: 2KB