b70d51cc559e9c4bbb14505a4e8f3f3d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b70d51cc559e9c4bbb14505a4e8f3f3d_JaffaCakes118
Size

293KB
MD5

b70d51cc559e9c4bbb14505a4e8f3f3d
SHA1

feb003d915193daa5e525731d26256d8bd183790
SHA256

13a2de90cf8314a66ad980d4fbfd4e3e5c5f228a3e928d4a7392a805a3cd2edd
SHA512

6aa01660aa3f0b296d3c6ceea5c0557b2ddb853a3b0cb4ac91948a4946372a814cb2224efcd454aa5e4af90d0210a4522918360f84a309fcac1daa63268753b7
SSDEEP

6144:0PdMIMANEVzGlcEDUl4qaRYVQLJTGbusJRhgnGXcAD7Xm2BeddhMH/vKE:0NEh8cSLqdAsisDhgnGbBBedDMfvv

Score

1^/10

Malware Config

Signatures

Files

b70d51cc559e9c4bbb14505a4e8f3f3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

001acfa1c7ef8aa1a8bdc2548f818da7

Code Sign

74:48:7d:56:15:ac:a8:4b:b1:09:39:39:ae:6c:14:77
Certificate

Issuer

CN=ggggggggg

Not Before

17-01-2012 12:30

Not After

31-12-2039 23:59

Subject

CN=ggggggggg

Extended Key Usages

ExtKeyUsageCodeSigning

03:c3:29:0f:0d:b0:03:11:ff:07:d6:54:5e:51:db:9b:69:d2:e6:5f
Signer

Actual PE Digest

03:c3:29:0f:0d:b0:03:11:ff:07:d6:54:5e:51:db:9b:69:d2:e6:5f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationA
SetThreadLocale
GetDateFormatW
GlobalMemoryStatus
SetThreadPriorityBoost
SetTapePosition
LocalLock
lstrcmpi
GenerateConsoleCtrlEvent
FreeConsole
MoveFileWithProgressA
GetVersionExA
SetConsoleActiveScreenBuffer
BindIoCompletionCallback
ChangeTimerQueueTimer
GetFileSize
IsDebuggerPresent
SetFileAttributesA
GetQueuedCompletionStatus
GetExitCodeThread
MoveFileWithProgressW
HeapUnlock
GetCommState
ReadConsoleOutputA
GetConsoleTitleW
GetProcessHeap
WaitCommEvent
LocalSize
GlobalFindAtomW
GlobalFlags
OpenProcess
GetVersionExW
OpenFileMappingW
GetProcAddress
FormatMessageA
HeapWalk
GetFileAttributesA
SetMailslotInfo
EndUpdateResourceA
lstrcpyW
PurgeComm
EnumResourceNamesW
GlobalAddAtomA
GetACP
SetDefaultCommConfigA
VerSetConditionMask
CompareStringW
GetPrivateProfileSectionNamesA
Thread32First
GetLocaleInfoA
GlobalGetAtomNameA
QueryDosDeviceW
HeapLock
SetEndOfFile
GetProcessShutdownParameters
IsBadStringPtrA
FindFirstVolumeW
LoadLibraryExA
GetFileAttributesExA
QueryPerformanceCounter
SetEnvironmentVariableW
GetCommandLineA
EnumDateFormatsExA
CancelWaitableTimer
WriteProfileStringA
RtlUnwind
GetCPInfo
lstrcpy
GetLastError
GetStartupInfoA
VirtualLock
GetVolumePathNameA
CreateTimerQueueTimer
HeapSize
SetConsoleMode
_lwrite
HeapAlloc
OpenWaitableTimerA
CreateSemaphoreW
FillConsoleOutputCharacterW
CreateNamedPipeW
CommConfigDialogA
GetCompressedFileSizeW
SetCommMask
ScrollConsoleScreenBufferA
CreateMutexA
CreateRemoteThread
IsBadReadPtr
FindNextVolumeA
InterlockedIncrement
GetThreadSelectorEntry
WideCharToMultiByte
FreeEnvironmentStringsA
VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
GetModuleHandleA

user32

GetCaretPos
GetClipCursor
SetPropW
InvalidateRect
UnregisterDeviceNotification
GetDesktopWindow
DestroyWindow
FrameRect
PostMessageA
DdeUninitialize
SetUserObjectInformationW
CreateAcceleratorTableA
GetMenuStringA
CountClipboardFormats
CloseWindowStation
RealGetWindowClassW
CharToOemBuffA
GetWindowDC
RegisterDeviceNotificationW
CharLowerA
GetClassWord
GetAsyncKeyState
SendInput
SetLayeredWindowAttributes
LookupIconIdFromDirectoryEx
IsDlgButtonChecked
AppendMenuW
ChangeMenuW
OemKeyScan
FillRect
OemToCharBuffA
SetProcessDefaultLayout
SetKeyboardState
GetAltTabInfo
RegisterWindowMessageW
EnumThreadWindows
RegisterClassExA
GetWindowModuleFileName
GetKeyboardLayout
DrawTextW
CreatePopupMenu
SendDlgItemMessageA
ChildWindowFromPointEx
SetMessageQueue
DdeSetUserHandle
SetCursor
GetClipboardFormatNameA
ScrollWindowEx
OemToCharW
SetDoubleClickTime
DrawFrame
IsWindowVisible
ChangeDisplaySettingsA
GetDlgItemInt
GetKeyboardLayoutList
LoadAcceleratorsA
CharToOemW
UpdateWindow
GetIconInfo
SetLastErrorEx
RegisterClassA
IMPSetIMEA
ModifyMenuW
GetListBoxInfo
RegisterClipboardFormatW
SetDlgItemTextW
SetWindowLongA
EnumChildWindows
IsIconic
GetMenuItemCount
ValidateRect
CreateIcon
IsRectEmpty
GetKeyboardLayoutNameA
GetWindow
MsgWaitForMultipleObjects
CreateDialogParamW
GetPropA
GetDCEx
GetDC
IsWindow
CloseWindow
GetDlgItem
CharPrevExA
GetPropW
GetShellWindow
IsDialogMessageA
LoadIconA

advapi32

RegOpenKeyExW

ole32

HMETAFILEPICT_UserFree
HICON_UserUnmarshal
CoGetPSClsid
CoRevertToSelf
WdtpInterfacePointer_UserFree
SetConvertStg
CoGetMalloc
OleSaveToStream
CLSIDFromString
StgOpenStorageOnILockBytes
CoUninitialize
CoMarshalHresult
CoGetInterfaceAndReleaseStream
UtGetDvtd32Info
CoRegisterPSClsid
OleCreateFromDataEx
CoDisableCallCancellation
OleCreateFromFileEx
MkParseDisplayName
CreateStdProgressIndicator
OleConvertIStorageToOLESTREAMEx
OleCreateEmbeddingHelper
HMETAFILE_UserSize
HBITMAP_UserMarshal
OleQueryLinkFromData
PropStgNameToFmtId
GetClassFile
OleLoad
FreePropVariantArray
GetConvertStg
HWND_UserUnmarshal
CoGetStdMarshalEx
OleSetMenuDescriptor
CoGetInstanceFromIStorage
WriteOleStg
HENHMETAFILE_UserFree
CoGetCurrentProcess
HMETAFILE_UserFree
OleRegEnumFormatEtc
HENHMETAFILE_UserMarshal
OleRegGetUserType
OleLoadFromStream
ProgIDFromCLSID
HkOleRegisterObject
UtConvertDvtd16toDvtd32
CoGetInstanceFromFile
WriteClassStg
CoLoadLibrary
CoAddRefServerProcess
CoQueryProxyBlanket
ReadClassStg
CoRevokeMallocSpy
HBRUSH_UserFree
CoGetCallerTID
CoGetMarshalSizeMax
HMETAFILEPICT_UserUnmarshal
CoAllowSetForegroundWindow
CoTaskMemFree
CoQueryClientBlanket
OleCreateDefaultHandler
HGLOBAL_UserSize
CoBuildVersion
CoCancelCall
HICON_UserSize
StgCreateDocfile
CoSuspendClassObjects
EnableHookObject
OleDraw
OleConvertOLESTREAMToIStorageEx
MonikerCommonPrefixWith
OleSetContainedObject
CLIPFORMAT_UserSize
HGLOBAL_UserFree
SNB_UserFree
CoRegisterSurrogate
HPALETTE_UserSize
CoReleaseMarshalData
OleNoteObjectVisible
CoTaskMemRealloc
CoTreatAsClass
StgCreatePropStg
OleDoAutoConvert
OleTranslateAccelerator
SetDocumentBitStg
CoGetObjectContext

Sections

.text
Size: 259KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

001acfa1c7ef8aa1a8bdc2548f818da7

Code Sign

74:48:7d:56:15:ac:a8:4b:b1:09:39:39:ae:6c:14:77Certificate

Extended Key Usages

03:c3:29:0f:0d:b0:03:11:ff:07:d6:54:5e:51:db:9b:69:d2:e6:5fSigner

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 259KB - Virtual size: 258KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 23KB - Virtual size: 22KB

.reloc Size: 1KB - Virtual size: 1KB

74:48:7d:56:15:ac:a8:4b:b1:09:39:39:ae:6c:14:77
Certificate

03:c3:29:0f:0d:b0:03:11:ff:07:d6:54:5e:51:db:9b:69:d2:e6:5f
Signer

.text
Size: 259KB - Virtual size: 258KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 23KB - Virtual size: 22KB

.reloc
Size: 1KB - Virtual size: 1KB