b4063770bd384c38af1272f340d2199c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b4063770bd384c38af1272f340d2199c_JaffaCakes118
Size

176KB
MD5

b4063770bd384c38af1272f340d2199c
SHA1

5ddb906e03058fef39d4d7aca5c3b101f7903cf3
SHA256

38be8a79b0525cfcdd9efb5427634e46f739fdd69010cfb304164e1bff973eff
SHA512

dfcc8a3b8a72a696766f9bff68840b37862ba38817a00efe7fe12dd8c0762071828b407b436a0b6e92b4fc07dc03a1b33bc403c28426b061bcd532fe64db04e6
SSDEEP

3072:q9byZGOWXpoSEV1NHTso5v9snyzEvOLWkpVR8Sv+7M8PZZfYnrSXoea:NApC1vV6noEmLPpbuIn

Score

1^/10

Malware Config

Signatures

Files

b4063770bd384c38af1272f340d2199c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ec4bcf679a0c321685501642c283e424

Code Sign

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3b
Certificate

Issuer

CN=NCrG992VieeQ

Not Before

14-03-2012 06:19

Not After

31-12-2039 23:59

Subject

CN=NCrG992VieeQ

Extended Key Usages

ExtKeyUsageCodeSigning

13:04:cf:a0:a6:14:57:87:7f:c4:3b:17:b6:81:7b:6b:b1:65:1c:dc
Signer

Actual PE Digest

13:04:cf:a0:a6:14:57:87:7f:c4:3b:17:b6:81:7b:6b:b1:65:1c:dc

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
LoadLibraryA
CreateFileA
lstrlenA
GetWindowsDirectoryA
lstrcpyA
GetProcAddress

user32

SetMessageExtraInfo
SetMessageQueue
SetScrollPos
SetScrollRange
SetSystemCursor
SystemParametersInfoW
TileChildWindows
TrackMouseEvent
UnionRect
ValidateRect
WindowFromDC
SetMenuDefaultItem
SetMenu
SetDlgItemTextA
SetDlgItemInt
SetClassLongA
SetCaretPos
SetActiveWindow
SendMessageA
ScrollDC
ReplyMessage
RemovePropW
ReleaseDC
RegisterShellHookWindow
RegisterDeviceNotificationW
PostMessageW
PaintDesktop
OemToCharA
MessageBoxExW
MapVirtualKeyExW
MapVirtualKeyA
MapDialogRect
LockSetForegroundWindow
LoadMenuW
LoadMenuIndirectA
AttachThreadInput
BeginDeferWindowPos
BeginPaint
CallMsgFilter
CascadeWindows
ChangeMenuA
CharToOemBuffA
CharToOemW
LoadMenuA
CharUpperA
CharUpperBuffW
CopyAcceleratorTableA
CountClipboardFormats
CreateDesktopA
CreateIcon
CreateMDIWindowA
CreateWindowExA
DdeCreateDataHandle
DdeInitializeA
DdeKeepStringHandle
DefDlgProcW
DialogBoxParamA
DlgDirSelectComboBoxExA
DrawTextExW
EndMenu
EndTask
EnumDesktopWindows
EnumDesktopsA
EnumDesktopsW
EnumDisplaySettingsW
EnumPropsA
FindWindowA
FrameRect
GetAltTabInfoW
GetCaretBlinkTime
GetClipboardViewer
GetDlgItemInt
GetIconInfo
GetKeyboardLayoutList
GetKeyboardType
GetLastInputInfo
GetMenuDefaultItem
GetMessagePos
GetMessageTime
GetMonitorInfoA
GetMonitorInfoW
GetProcessWindowStation
GetWindow
GetWindowThreadProcessId
IMPQueryIMEA
IMPQueryIMEW
InsertMenuA
AnyPopup
IntersectRect
InvertRect
IsIconic
KillTimer
LoadKeyboardLayoutW

comdlg32

PageSetupDlgW
ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
ChooseColorA
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW

advapi32

RegOpenKeyW

ole32

OleRegGetMiscStatus
OleRun
OleSaveToStream
OleSetAutoConvert
OleSetContainedObject
OleSetMenuDescriptor
PropVariantClear
ReadClassStg
ReadClassStm
ReadOleStg
RevokeDragDrop
SNB_UserFree
SNB_UserUnmarshal
SetConvertStg
SetDocumentBitStg
StgCreateDocfile
StgCreatePropSetStg
StgIsStorageILockBytes
StgOpenPropStg
StgOpenStorageEx
StringFromIID
UtGetDvtd16Info
WdtpInterfacePointer_UserFree
WriteClassStg
WriteOleStg
OleRegEnumFormatEtc
OleQueryCreateFromData
OleMetafilePictFromIconAndLabel
OleLoadFromStream
OleGetIconOfFile
OleGetAutoConvert
OleFlushClipboard
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleCreateFromFileEx
OleConvertOLESTREAMToIStorage
HPALETTE_UserFree
HMETAFILEPICT_UserSize
HMETAFILEPICT_UserMarshal
HMENU_UserSize
HMENU_UserFree
HGLOBAL_UserMarshal
HGLOBAL_UserFree
HDC_UserFree
HBRUSH_UserUnmarshal
HBRUSH_UserFree
HBITMAP_UserSize
HACCEL_UserMarshal
GetHookInterface
GetHGlobalFromStream
FreePropVariantArray
CreateOleAdviseHolder
CreateILockBytesOnHGlobal
CreateFileMoniker
CreateDataCache
CoUnmarshalInterface
CoUnloadingWOW
CoUninitialize
CoSwitchCallContext
CoRevokeMallocSpy
CoReleaseServerProcess
CoRegisterChannelHook
CoQueryProxyBlanket
CoQueryClientBlanket
CoLockObjectExternal
CoLoadLibrary
CoIsHandlerConnected
CoInstall
CoInitializeWOW
CoGetStandardMarshal
CoGetMalloc
CoGetInstanceFromIStorage
CoGetCurrentLogicalThreadId
CoFreeLibrary
CoFileTimeToDosDateTime
CoCreateInstanceEx
CoCreateInstance
CoCreateGuid
CoCreateFreeThreadedMarshaler
CoBuildVersion
CLSIDFromProgIDEx
OleGetClipboard
CoFreeUnusedLibraries

comctl32

ord8
CreatePropertySheetPage
CreatePropertySheetPageW
ord6
CreateStatusWindowW
UninitializeFlatSB
ord3
PropertySheetW
ord2
ord13
ord14
InitMUILanguage
ord17
ImageList_Write
ImageList_SetOverlayImage
ImageList_SetIconSize
ImageList_SetDragCursorImage
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Remove
ImageList_Read
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_LoadImage
ImageList_GetImageRect
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_GetIcon
ImageList_GetDragImage
ImageList_EndDrag
ImageList_DrawIndirect
ImageList_DrawEx
ImageList_Draw
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_Destroy
ImageList_Create
ImageList_BeginDrag
ImageList_AddMasked
ImageList_AddIcon
ImageList_Add
GetMUILanguage
ord4
FlatSB_ShowScrollBar
FlatSB_SetScrollRange
FlatSB_SetScrollProp
FlatSB_SetScrollInfo
FlatSB_GetScrollRange
FlatSB_GetScrollProp
FlatSB_GetScrollPos
FlatSB_EnableScrollBar
DrawStatusTextW
DestroyPropertySheetPage
ord7

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec4bcf679a0c321685501642c283e424

Code Sign

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3bCertificate

Extended Key Usages

13:04:cf:a0:a6:14:57:87:7f:c4:3b:17:b6:81:7b:6b:b1:65:1c:dcSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

ole32

comctl32

Sections

.text Size: 12KB - Virtual size: 11KB

.text1 Size: 156KB - Virtual size: 155KB

.data Size: 1024B - Virtual size: 644B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 6KB

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3b
Certificate

13:04:cf:a0:a6:14:57:87:7f:c4:3b:17:b6:81:7b:6b:b1:65:1c:dc
Signer

.text
Size: 12KB - Virtual size: 11KB

.text1
Size: 156KB - Virtual size: 155KB

.data
Size: 1024B - Virtual size: 644B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 6KB