a94204aca6ae6114e86cfd61ff40fb52_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a94204aca6ae6114e86cfd61ff40fb52_JaffaCakes118
Size

423KB
MD5

a94204aca6ae6114e86cfd61ff40fb52
SHA1

96ccafa1077e435d3fa45da590d3d7414a1e8183
SHA256

d2d0ae82b8c9ea61d279d466db15141221213d42613ed4e2ea3624b407ea812d
SHA512

c50bf531020f02c31a1c033b81876ca28ad55e57ddb316f341cee385555d1e1b7130d7d09ad8bf209ee5b0b68059bfa41f808a68ee1d15976ce360722f21cf75
SSDEEP

12288:15//TpoBlz4/bjS0NAhLNseUzCh1ylVFvR9VrAEj:15//TpoH+GLNseGRVVRLrAEj

Score

1^/10

Malware Config

Signatures

Files

a94204aca6ae6114e86cfd61ff40fb52_JaffaCakes118
.exe windows:4 windows x86 arch:x86

616ab5f35ce43c684d3e930160baf817

Code Sign

28:af:00:7d:0b:c5:13:b4:4d:dc:cb:6e:8f:a4:ae:9e
Certificate

Issuer

CN=zgmcimenzoj

Not Before

19/11/2011, 14:51

Not After

10/07/2012, 22:00

Subject

CN=Wesade Jytever

02:4d:b1:6c:96:81:e4:95:78:8a:ee:83:9b:e1:49:c4:fd:51:bd:13
Signer

Actual PE Digest

02:4d:b1:6c:96:81:e4:95:78:8a:ee:83:9b:e1:49:c4:fd:51:bd:13

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetParent
GetDlgItemTextA
SetForegroundWindow
GetSysColor
FindWindowA
SendMessageA
RegisterWindowMessageA
CreateDialogIndirectParamA

ole32

CoFileTimeNow
CreateAntiMoniker
CoDisconnectObject
CoReleaseMarshalData
CoCreateInstance
CoRevokeClassObject
CoAddRefServerProcess
CoUninitialize
CoInitialize
OleCreateFromFile
GetClassFile

comctl32

ord6

kernel32

GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
VirtualAlloc
HeapAlloc
GetStringTypeW
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
HeapFree
GetOEMCP
GetEnvironmentStringsW
GetModuleHandleA
GetProcAddress
ExitProcess
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

eizzj
Size: 281KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wxx
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

616ab5f35ce43c684d3e930160baf817

Code Sign

28:af:00:7d:0b:c5:13:b4:4d:dc:cb:6e:8f:a4:ae:9eCertificate

02:4d:b1:6c:96:81:e4:95:78:8a:ee:83:9b:e1:49:c4:fd:51:bd:13Signer

Headers

File Characteristics

Imports

user32

ole32

comctl32

kernel32

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 92KB

eizzj Size: 281KB - Virtual size: 281KB

wxx Size: 112KB - Virtual size: 112KB

.rsrc Size: 5KB - Virtual size: 5KB

28:af:00:7d:0b:c5:13:b4:4d:dc:cb:6e:8f:a4:ae:9e
Certificate

02:4d:b1:6c:96:81:e4:95:78:8a:ee:83:9b:e1:49:c4:fd:51:bd:13
Signer

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 92KB

eizzj
Size: 281KB - Virtual size: 281KB

wxx
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 5KB - Virtual size: 5KB