b604a2703b8001b81b7f83527b4c1358_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b604a2703b8001b81b7f83527b4c1358_JaffaCakes118
Size

307KB
MD5

b604a2703b8001b81b7f83527b4c1358
SHA1

d55d824bd8670aeb8e6683515b4742b04c1e02c7
SHA256

c5ed7ed4aba6d2b11bc10d06460a2030b173d277fe1da55b935fa3b07056ab11
SHA512

4520d7f64ef7fb976d48ecc5d1f3b50db80c37bd81b686e98af7d5c5ee830d2875f06150b32d181068001fc4dd2c460ea5b33c61761302d0660f78222d4196c5
SSDEEP

6144:goOuatq9nLtnGR9XACo5TdW+UKaG4JFW/gRVzgUEjRDrviICUvG:goO9t6ZnGLX/yZaKP4J02FartJ

Score

1^/10

Malware Config

Signatures

Files

b604a2703b8001b81b7f83527b4c1358_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ca23607a5e79572f3a6138458b36780

Code Sign

73:17:67:48:fd:ee:5c:4d:bc:8a:27:87:b8:6e:5f:a1
Certificate

Issuer

CN=drVoA01yoqkQ

Not Before

14/03/2012, 05:55

Not After

31/12/2039, 23:59

Subject

CN=drVoA01yoqkQ

Extended Key Usages

ExtKeyUsageCodeSigning

7f:20:c8:aa:3e:fe:2a:b9:08:aa:9d:3f:6e:89:bb:95:5f:95:08:98
Signer

Actual PE Digest

7f:20:c8:aa:3e:fe:2a:b9:08:aa:9d:3f:6e:89:bb:95:5f:95:08:98

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
GetLogicalDriveStringsA
LoadLibraryA
GetProcAddress
lstrcpyW
LoadLibraryW
PostQueuedCompletionStatus
WinExec
BuildCommDCBAndTimeoutsW
OpenMutexW
CreateJobObjectA
CreateFileW
GetFileAttributesExW
GetTapeParameters
GetShortPathNameW
GetStringTypeExA
HeapAlloc
RaiseException
WritePrivateProfileStructA
LoadLibraryExA
GetSystemTime
SystemTimeToFileTime
LockFileEx
GetProfileIntA
CreateWaitableTimerA
GetCommandLineW
GetAtomNameW
CommConfigDialogW
GetEnvironmentVariableA
Heap32ListNext
SetProcessWorkingSetSize
EnumLanguageGroupLocalesW
SetSystemTimeAdjustment
VerLanguageNameA
OpenJobObjectW
FindCloseChangeNotification
GetStartupInfoA
Thread32Next
AddConsoleAliasA
SetComputerNameA
GetCPInfoExA
GetFullPathNameA
UnlockFile
FreeLibrary
GetCurrentConsoleFont
GetComputerNameA
EnumResourceTypesA
CancelWaitableTimer
BackupWrite
GetStringTypeA
WritePrivateProfileSectionW
ReadConsoleA
FillConsoleOutputAttribute
GetTapeStatus
VerifyVersionInfoA
ReadConsoleOutputCharacterW
SetDefaultCommConfigA
FindNextVolumeMountPointA
VirtualProtectEx
GetComputerNameExA
GetLocaleInfoA
AddAtomA
WriteTapemark
GetVolumeNameForVolumeMountPointW
FindResourceExW
Heap32First
ClearCommError
CreateHardLinkA
GetLongPathNameW
SetPriorityClass
ContinueDebugEvent
GetHandleInformation
BuildCommDCBA
SetLastError
WriteProcessMemory
FreeConsole
TransactNamedPipe
GetFileAttributesW
MapViewOfFileEx
GetEnvironmentStringsA
lstrlenW
SignalObjectAndWait
SetComputerNameW
GetDevicePowerState
CreateSemaphoreA
SetThreadAffinityMask
OpenMutexA
FindResourceW
GetEnvironmentStringsW
DeleteVolumeMountPointW
CreateDirectoryExW
CreateIoCompletionPort
VirtualProtect
GetSystemWindowsDirectoryA
GetEnvironmentVariableW
GetLocalTime
SetThreadContext

user32

CharNextA
LoadCursorFromFileW
AnimateWindow
IsHungAppWindow
CharUpperBuffW
ChangeDisplaySettingsA
wsprintfA
CreatePopupMenu
IsCharAlphaW
GetParent
TrackPopupMenu
CreateWindowStationA
GetMenuDefaultItem
DrawEdge
SendDlgItemMessageW
GetWindowInfo
DdeCreateStringHandleA
IsRectEmpty
SetWindowsHookW
GetMenuStringA
ToUnicode
GetCapture
DrawIconEx
GetKeyNameTextW
IsWindowVisible
GetMonitorInfoA
LoadMenuW
DefFrameProcA
SetWindowsHookExA
EqualRect
EnumThreadWindows
DlgDirListComboBoxW
GetCaretPos
SwitchToThisWindow
DdeUninitialize
SetDlgItemTextW
SetWindowTextA
DlgDirSelectComboBoxExA
SendMessageCallbackW
DdeConnect
CheckMenuRadioItem
GetWindowRect
CheckRadioButton
GetAncestor
GetNextDlgTabItem
ShowScrollBar
CharToOemBuffW
UpdateWindow
DlgDirSelectExW
MessageBeep
LoadCursorA
GetComboBoxInfo
OpenWindowStationW
CharPrevExA
BroadcastSystemMessageA
GetKeyboardLayoutNameA
CharLowerA
DefWindowProcW
IsDialogMessageA
GetKeyNameTextA
PostThreadMessageA
RemovePropW
GetMenuItemInfoA
EndMenu
SetTimer
DefDlgProcW
FreeDDElParam
SetWindowRgn
SetRectEmpty
ToAsciiEx
MoveWindow
GetAsyncKeyState
GetTopWindow
SetWindowPos
PackDDElParam
DdeDisconnectList
WindowFromDC
LoadImageW
DdeAbandonTransaction
GrayStringA
SetActiveWindow
TranslateAcceleratorW
GetMenuItemInfoW
OpenWindowStationA
EnumDisplayMonitors
IsWindow
CreateDialogParamA
GetWindowThreadProcessId
GetPropA
wsprintfW
DdeClientTransaction
CascadeChildWindows
GetWindowTextW
GetKBCodePage
GetMenuCheckMarkDimensions
GetWindowLongA

gdi32

OffsetViewportOrgEx
SetViewportExtEx
GetStretchBltMode
SetLayoutWidth
GetCharWidthW
GdiFlush
GetMetaFileA
GdiDllInitialize
GetGlyphOutline
CreateEllipticRgnIndirect
PtVisible
GetClipBox
SetBoundsRect
GetEnhMetaFileBits
SetPolyFillMode
GdiEntry4
EngFindResource
SetMetaFileBitsEx
EngCreateDeviceBitmap
GdiEntry14
GetRegionData
GetMetaFileW
CreateEnhMetaFileA
EngDeletePalette
AddFontResourceExA
GetNearestPaletteIndex
StrokeAndFillPath
SetPixelFormat
CreatePolygonRgn
XFORMOBJ_bApplyXform
CreateRoundRectRgn
GdiEntry5
GdiGetSpoolMessage
GdiEndPageEMF
GdiConsoleTextOut
GetArcDirection
EndDoc
ExtCreatePen
GdiEntry6
PATHOBJ_vEnumStartClipLines
RemoveFontResourceExA
EqualRgn
GdiProcessSetup
CreateScalableFontResourceW
cGetTTFFromFOT
GetCharWidthInfo
PathToRegion
Polygon
GdiCleanCacheDC
PolyPolyline
LPtoDP
SetMagicColors
GdiCreateLocalEnhMetaFile
GetEUDCTimeStampExW
CreateCompatibleBitmap
CLIPOBJ_ppoGetPath
GetPath
SaveDC
FrameRgn
ResetDCA
GdiDeleteLocalDC
GdiGetPageHandle
ExtFloodFill
GetBkColor
EngComputeGlyphSet
GetTextExtentExPointWPri
GetPolyFillMode
GdiGetCodePage
GdiValidateHandle
GetOutlineTextMetricsW
CreateBrushIndirect
GetStringBitmapA
CopyEnhMetaFileA
CancelDC
EngStretchBltROP
EngCheckAbort
IntersectClipRect
GetTextMetricsA
GdiStartDocEMF
CreateEnhMetaFileW
GdiEntry8
GetAspectRatioFilterEx
GetTextExtentPointI
PlgBlt
SetBitmapDimensionEx
PolylineTo
FlattenPath
GetWinMetaFileBits
DeviceCapabilitiesExA
GdiConvertEnhMetaFile
GetColorAdjustment

Sections

.text
Size: 290KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ca23607a5e79572f3a6138458b36780

Code Sign

73:17:67:48:fd:ee:5c:4d:bc:8a:27:87:b8:6e:5f:a1Certificate

Extended Key Usages

7f:20:c8:aa:3e:fe:2a:b9:08:aa:9d:3f:6e:89:bb:95:5f:95:08:98Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 290KB - Virtual size: 289KB

.text3 Size: 1024B - Virtual size: 1000B

.text2 Size: 1KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

73:17:67:48:fd:ee:5c:4d:bc:8a:27:87:b8:6e:5f:a1
Certificate

7f:20:c8:aa:3e:fe:2a:b9:08:aa:9d:3f:6e:89:bb:95:5f:95:08:98
Signer

.text
Size: 290KB - Virtual size: 289KB

.text3
Size: 1024B - Virtual size: 1000B

.text2
Size: 1KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB