afb5123f9a29744d8de12b193dec7c05_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

afb5123f9a29744d8de12b193dec7c05_JaffaCakes118
Size

203KB
MD5

afb5123f9a29744d8de12b193dec7c05
SHA1

0151d22e896173330de6ac57b4ac3a73366b54ee
SHA256

9a1c07a891330e563d4cca2e2cce333ec83e27225c76bfc8b31f2b204c5bf140
SHA512

c77058310f17824a2fc92a0e1a4f0872ef3f39c71324534889a2240a76e2ec769610f11e0cc3a3b8d46e4a81987184498bd06fd7921bbbea84afefa2f2fa6af3
SSDEEP

3072:tiJuBXB3YfPUHp3SaKHRXlijZIT/LhYyd7WW9/Kb6IB5vtP8rLLf/tlHJgK6qepr:tuUpSa2l4ZITThYyRb9/K2IPFPI1vg

Score

1^/10

Malware Config

Signatures

Files

afb5123f9a29744d8de12b193dec7c05_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f0382eb58b16920eb6e939d50f846a78

Code Sign

51:58:4f:24:8d:a8:48:41:bb:97:df:9f:a7:44:ce:9c
Certificate

Issuer

CN=oCa3Pc5NCgcd

Not Before

16-03-2012 08:46

Not After

31-12-2039 23:59

Subject

CN=oCa3Pc5NCgcd

Extended Key Usages

ExtKeyUsageCodeSigning

1f:26:ee:ba:74:e0:0b:e7:83:c2:5e:60:16:49:1b:49:53:cc:24:07
Signer

Actual PE Digest

1f:26:ee:ba:74:e0:0b:e7:83:c2:5e:60:16:49:1b:49:53:cc:24:07

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
ExitProcess
lstrcpyW
VirtualAlloc

user32

CascadeChildWindows
CharUpperA
DrawTextExW
EnableMenuItem
EnumDisplaySettingsW
GetDlgItemTextA
GetMenuItemInfoW
GetSystemMenu
GrayStringW
LoadMenuW
PostMessageA
RegisterClassW
TrackPopupMenu
UnregisterClassW
CharLowerBuffW

comdlg32

ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
FindTextA
CommDlgExtendedError
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA

advapi32

RegOpenKeyW

ole32

OleDraw
OleDuplicateData
OleGetClipboard
OleInitialize
OleInitializeWOW
OleLoad
OleUninitialize
ProgIDFromCLSID
PropStgNameToFmtId
ReadClassStg
ReadOleStg
RegisterDragDrop
ReleaseStgMedium
SNB_UserMarshal
STGMEDIUM_UserMarshal
StgCreateDocfileOnILockBytes
StgCreatePropSetStg
StgGetIFillLockBytesOnILockBytes
StgOpenPropStg
StgSetTimes
UpdateDCOMSettings
WriteClassStg
WriteClassStm
WriteFmtUserTypeStg
WriteOleStg
HMETAFILE_UserFree
HMENU_UserMarshal
HGLOBAL_UserFree
HENHMETAFILE_UserUnmarshal
HENHMETAFILE_UserMarshal
HDC_UserUnmarshal
HDC_UserFree
OleDoAutoConvert
HACCEL_UserUnmarshal
GetHGlobalFromILockBytes
GetDocumentBitStg
GetConvertStg
GetClassFile
EnableHookObject
CreatePointerMoniker
CreateOleAdviseHolder
CreateILockBytesOnHGlobal
CreateAntiMoniker
CoUnmarshalInterface
CoUninitialize
CoTestCancel
CoSwitchCallContext
CoResumeClassObjects
CoReleaseServerProcess
CoImpersonateClient
CoGetTreatAsClass
CoGetStdMarshalEx
CoGetInstanceFromIStorage
CoGetCurrentLogicalThreadId
CoGetClassObject
CoGetCancelObject
CoGetCallerTID
CoGetCallContext
CoFreeLibrary
CoFreeAllLibraries
CoCreateInstance
CoCreateGuid
CoCancelCall
CoBuildVersion
CLSIDFromString
CLIPFORMAT_UserUnmarshal
BindMoniker
OleCreateStaticFromData
OleCreateMenuDescriptor
OleCreateLinkToFileEx
OleCreateLinkFromDataEx
OleCreateLinkEx
OleCreateFromFileEx
OleCreateFromDataEx
OleCreateFromData
OleConvertIStorageToOLESTREAMEx
HMETAFILE_UserMarshal
MkParseDisplayName
HWND_UserFree
HPALETTE_UserSize
HPALETTE_UserMarshal
HBRUSH_UserUnmarshal
HPALETTE_UserFree
OleConvertIStorageToOLESTREAM

comctl32

CreatePropertySheetPageA
CreatePropertySheetPageW
CreateStatusWindow
ord6
ord7
CreateToolbarEx
_TrackMouseEvent
UninitializeFlatSB
ord3
PropertySheetW
PropertySheetA
PropertySheet
ord2
ord13
InitializeFlatSB
InitMUILanguage
InitCommonControlsEx
ord17
ImageList_Write
ImageList_SetImageCount
ImageList_SetIconSize
CreatePropertySheetPage
ord15
DrawStatusText
DrawStatusTextW
FlatSB_EnableScrollBar
FlatSB_GetScrollInfo
FlatSB_GetScrollRange
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_SetScrollProp
FlatSB_ShowScrollBar
ord4
GetMUILanguage
ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragLeave
ImageList_DragMove
ImageList_Draw
ImageList_DrawEx
ord8
ImageList_SetFilter
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Remove
ImageList_Merge
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_LoadImage
ImageList_GetImageInfo
ImageList_GetIconSize
ImageList_GetBkColor
ImageList_EndDrag
ImageList_DrawIndirect

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text3
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0382eb58b16920eb6e939d50f846a78

Code Sign

51:58:4f:24:8d:a8:48:41:bb:97:df:9f:a7:44:ce:9cCertificate

Extended Key Usages

1f:26:ee:ba:74:e0:0b:e7:83:c2:5e:60:16:49:1b:49:53:cc:24:07Signer

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

ole32

comctl32

Sections

.text Size: 188KB - Virtual size: 187KB

.data Size: 512B - Virtual size: 56B

.text4 Size: 1024B - Virtual size: 1000B

.text3 Size: 2KB - Virtual size: 2KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

51:58:4f:24:8d:a8:48:41:bb:97:df:9f:a7:44:ce:9c
Certificate

1f:26:ee:ba:74:e0:0b:e7:83:c2:5e:60:16:49:1b:49:53:cc:24:07
Signer

.text
Size: 188KB - Virtual size: 187KB

.data
Size: 512B - Virtual size: 56B

.text4
Size: 1024B - Virtual size: 1000B

.text3
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB