b41de72219c0786f453158313cf47976_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b41de72219c0786f453158313cf47976_JaffaCakes118
Size

193KB
MD5

b41de72219c0786f453158313cf47976
SHA1

c3688b2fcf8d04ecc9c9c16a6f51b7cffd94e583
SHA256

fb77331aa983cdf2c3eb2da6ecd81656e4ce9f03a47e3f355f5efd18065d3da8
SHA512

2ede44dba9c4fcb8f139af62106413cdd0c09b05a809c838cc9de8678458a07b52c8ca97477126aee3a524c849b3087efcad0ce04e38cda9c9390002c69a7989
SSDEEP

6144:m60yn4K9X1CEdiHL4V5KD0MBelkguejxt:m60KXZ3XOB2kgxn

Score

1^/10

Malware Config

Signatures

Files

b41de72219c0786f453158313cf47976_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5b3ebbf3054bdcf8f600b424b768dfd4

Code Sign

29:b4:5a:cf:c6:1b:d4:90:4d:49:d6:0a:6b:1c:57:4d
Certificate

Issuer

CN=4u6uWYPheizgxoQ0kyajRqO6f

Not Before

25/04/2012, 05:18

Not After

31/12/2039, 23:59

Subject

CN=4u6uWYPheizgxoQ0kyajRqO6f

Extended Key Usages

ExtKeyUsageCodeSigning

36:4e:32:d7:03:ab:69:e1:15:2d:d3:aa:4d:94:c2:61:ca:e9:a1:7a
Signer

Actual PE Digest

36:4e:32:d7:03:ab:69:e1:15:2d:d3:aa:4d:94:c2:61:ca:e9:a1:7a

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
FileTimeToDosDateTime
GetWindowsDirectoryA
GetCommandLineA
lstrcatA
VirtualAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
IsDebuggerPresent

gdi32

GetStockObject

advapi32

RegOpenKeyExA

oleaut32

CreateTypeLib2
DispCallFunc
DispGetParam
DosDateTimeToVariantTime
GetActiveObject
GetAltMonthNames
GetErrorInfo
GetRecordInfoFromGuids
GetRecordInfoFromTypeInfo
LHashValOfNameSys
LHashValOfNameSysA
LPSAFEARRAY_Marshal
LPSAFEARRAY_Size
LPSAFEARRAY_Unmarshal
LPSAFEARRAY_UserFree
LPSAFEARRAY_UserSize
LPSAFEARRAY_UserUnmarshal
LoadTypeLi
OACreateTypeLib2
OaBuildVersion
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleLoadPictureEx
OleLoadPictureFileEx
OleLoadPicturePath
OleSavePictureFile
OleTranslateColor
QueryPathOfRegTypeLi
RegisterActiveObject
RegisterTypeLi
SafeArrayAccessData
SafeArrayAllocDescriptor
SafeArrayAllocDescriptorEx
SafeArrayCopy
SafeArrayCopyData
SafeArrayCreate
SafeArrayCreateEx
SafeArrayCreateVectorEx
SafeArrayDestroyData
SafeArrayGetElement
SafeArrayGetElemsize
SafeArrayGetIID
SafeArrayGetLBound
SafeArrayGetVartype
SafeArrayLock
SafeArrayRedim
SafeArraySetIID
SafeArraySetRecordInfo
SafeArrayUnaccessData
SetErrorInfo
SysAllocStringByteLen
SysAllocStringLen
SysReAllocString
SysReAllocStringLen
SysStringByteLen
SysStringLen
SystemTimeToVariantTime
UnRegisterTypeLi
VARIANT_UserFree
VARIANT_UserMarshal
VarAbs
VarAdd
VarAnd
VarBoolFromCy
VarBoolFromDec
VarBoolFromDisp
VarBoolFromI2
VarBoolFromI4
VarBoolFromR8
VarBoolFromStr
VarBoolFromUI1
VarBoolFromUI4
VarBstrCmp
VarBstrFromBool
VarBstrFromCy
VarBstrFromDate
VarBstrFromI1
VarBstrFromI2
VarBstrFromR4
VarBstrFromR8
VarBstrFromUI1
VarCat
VarCmp
VarCyAdd
VarCyCmp
VarCyCmpR8
VarCyFix
VarCyFromBool
VarCyFromDate
VarCyFromI1
VarCyFromI4
VarCyFromR4
VarCyFromR8
VarCyFromStr
VarCyFromUI1
VarCyMul
VarCyMulI4
VarCyRound
VarCySu
VarDateFromBool
VarDateFromCy
VarDateFromDec
VarDateFromDisp
VarDateFromI2
VarDateFromI4
VarDateFromR8
VarDateFromUI2
VarDateFromUI4
VarDateFromUdate
CreateErrorInfo
VarDecAbs
VarDecAdd
VarDecCmpR8
VarDecDiv
VarDecFix
VarDecFromBool
VarDecFromCy
VarDecFromDate
VarDecFromDisp
VarDecFromI1
VarDecFromI2
VarDecFromR8
VarDecFromUI1
VarDecFromUI2
VarDecInt
VarDecMul
VarDecRound
VarDecSu
VarFix
VarFormatCurrency
VarFormatDateTime
VarFormatFromTokens
VarFormatPercent
VarI1FromBool
VarI1FromDate
VarI1FromDec
VarI1FromDisp
VarI1FromI4
VarI1FromR4
VarI1FromR8
VarI1FromStr
VarI1FromUI1
VarI2FromBool
VarI2FromCy
VarI2FromDate
VarI2FromDisp
VarI2FromI1
VarI2FromI4
VarI2FromR4
VarI2FromStr
VarI2FromUI1
VarI2FromUI2
VarI4FromBool
VarI4FromDate
VarI4FromDec
VarI4FromDisp
VarI4FromI1
VarI4FromR4
VarI4FromR8
VarI4FromUI1
VarIdiv
VarImp
VarMod
VarNeg
VarNot
VarNumFromParseNum
VarOr
VarParseNumFromStr
VarPow
VarR4CmpR8
VarR4FromBool
VarR4FromCy
VarR4FromDec
VarR4FromDisp
VarR4FromI1
VarR4FromI2
VarR4FromI4
VarR4FromR8
VarR4FromStr
VarR4FromUI1
VarR4FromUI2
VarR4FromUI4
VarR8FromDate
VarR8FromDec
VarR8FromDisp
VarR8FromI1
VarR8FromI2
VarR8FromStr
VarR8FromUI2
VarR8FromUI4
VarR8Pow
VarRound
VarSu
VarUI1FromBool
VarUI1FromCy
VarUI1FromDate
VarUI1FromDec
VarUI1FromDisp
VarUI1FromI1
VarUI1FromI4
VarUI1FromR4
VarUI1FromR8
VarUI1FromStr
VarUI1FromUI2
VarUI1FromUI4
VarUI2FromBool
VarUI2FromCy
VarUI2FromDate
VarUI2FromDec
VarUI2FromDisp
VarUI2FromI2
VarUI2FromI4
VarUI2FromUI1
VarUI4FromBool
VarUI4FromCy
VarUI4FromDate
VarUI4FromDec
VarUI4FromDisp
VarUI4FromI1
VarUI4FromI2
VarUI4FromI4
VarUI4FromStr
VarUI4FromUI2
VarUdateFromDate
VarWeekdayName
VariantChangeType
VariantClear
VariantCopy
VariantCopyInd
VariantInit
VariantTimeToSystemTime
VectorFromBstr
CreateDispTypeInfo
ClearCustData
BSTR_UserUnmarshal
BSTR_UserSize
BSTR_UserFree
VarDateFromUdateEx

Sections

.text
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data7
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data8
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b3ebbf3054bdcf8f600b424b768dfd4

Code Sign

29:b4:5a:cf:c6:1b:d4:90:4d:49:d6:0a:6b:1c:57:4dCertificate

Extended Key Usages

36:4e:32:d7:03:ab:69:e1:15:2d:d3:aa:4d:94:c2:61:ca:e9:a1:7aSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

advapi32

oleaut32

Sections

.text Size: 179KB - Virtual size: 178KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 960B

.data6 Size: 512B - Virtual size: 500B

.data7 Size: 512B - Virtual size: 500B

.data8 Size: 512B - Virtual size: 500B

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 2KB

29:b4:5a:cf:c6:1b:d4:90:4d:49:d6:0a:6b:1c:57:4d
Certificate

36:4e:32:d7:03:ab:69:e1:15:2d:d3:aa:4d:94:c2:61:ca:e9:a1:7a
Signer

.text
Size: 179KB - Virtual size: 178KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 960B

.data6
Size: 512B - Virtual size: 500B

.data7
Size: 512B - Virtual size: 500B

.data8
Size: 512B - Virtual size: 500B

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 2KB