bd07f297334af1c82ea9e69e367eb356_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bd07f297334af1c82ea9e69e367eb356_JaffaCakes118
Size

288KB
MD5

bd07f297334af1c82ea9e69e367eb356
SHA1

057993bffca8fdc5f4b0646938457270da3e884a
SHA256

ebb1e30ae50e0141e888061b952684f2bd670b20138a6c2afe54ecec8e8cad00
SHA512

c147c57b9c9c85aaf41970a811218e9baf374f8c21f072ab5c12a9d99dd501a0273298b45485128b6921c3d2da966584bfb38767473351a4853261b46f5f4ac4
SSDEEP

6144:UKZBzsuDVxr3lyUqqLSwAohoRauwu5z469o0pZXbXslhl:vNsGVRz9A3RGh0vclhl

Score

1^/10

Malware Config

Signatures

Files

bd07f297334af1c82ea9e69e367eb356_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81fc10dbb4b074784c2387f6137cd50e

Code Sign

70:e7:24:0e:9c:31:68:6c:b8:90:13:5d:55:bb:50:47
Certificate

Issuer

CN=62esgfdgs

Not Before

23/02/2012, 09:44

Not After

31/12/2039, 23:59

Subject

CN=62esgfdgs

Extended Key Usages

ExtKeyUsageCodeSigning

2c:ed:0b:dd:e9:51:31:46:44:32:ca:af:a5:a4:ca:87:a1:cd:87:3c
Signer

Actual PE Digest

2c:ed:0b:dd:e9:51:31:46:44:32:ca:af:a5:a4:ca:87:a1:cd:87:3c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrlenW
lstrcpyW
CreateFileW
VirtualAlloc
GetPrivateProfileSectionA
OpenJobObjectA
ContinueDebugEvent
InitializeCriticalSection
DosDateTimeToFileTime
lstrlen
GetProfileSectionW
GetHandleInformation
GetCommMask
InitializeCriticalSectionAndSpinCount
SetThreadPriority
GetVersionExA
ReadConsoleW
EscapeCommFunction
lstrcmpi
VirtualLock
RtlMoveMemory
BuildCommDCBA
IsSystemResumeAutomatic
WriteFileGather
FindNextFileW
GetComputerNameA
FreeResource
WaitForMultipleObjectsEx
GetVolumeNameForVolumeMountPointW
Heap32ListFirst
SetMessageWaitingIndicator
Beep
GetFileAttributesA
EnumResourceNamesA
UpdateResourceW
VirtualQuery
MapUserPhysicalPages
FlushInstructionCache
GetTempPathW
CreateTapePartition
CreateMailslotW
GetSystemWindowsDirectoryW
FileTimeToSystemTime
EnumSystemCodePagesW
lstrcpyA
GetCurrentProcess
FreeConsole
DeleteCriticalSection
TlsGetValue
IsValidLocale
AreFileApisANSI
GetNumberFormatA
UnmapViewOfFile
GetExitCodeThread
Thread32First
SetProcessPriorityBoost
GetComputerNameExW
WritePrivateProfileSectionW
GetComputerNameExA
GetConsoleAliasesLengthW
ReadConsoleA
DnsHostnameToComputerNameW
HeapLock
SetConsoleCursorInfo
TerminateThread
EnumResourceLanguagesA
DeleteFileA
GetEnvironmentStrings
GetSystemInfo
GetCPInfoExW
GetFileSize
GetMailslotInfo
SetLocalTime
EndUpdateResourceW
FillConsoleOutputAttribute
GetSystemDefaultLangID
GetCPInfoExA
_lcreat
CreateConsoleScreenBuffer
GetProfileIntA
DuplicateHandle
GetCurrentProcessId
CompareFileTime
WriteProfileStringA
Process32FirstW
GlobalUnWire
CopyFileExW
GetConsoleCursorInfo
GetTimeFormatA
Module32NextW
CreateFileMappingW
PurgeComm
WriteConsoleOutputAttribute
SetProcessAffinityMask
_lread
GlobalFlags
CreateRemoteThread
GetStringTypeExW
GetTapeStatus
SetCurrentDirectoryA
GenerateConsoleCtrlEvent
HeapValidate
FindNextChangeNotification
SetFileApisToANSI
DeleteAtom
GetSystemPowerStatus
IsProcessorFeaturePresent
GetFileAttributesExW
CreateNamedPipeW
GetConsoleAliasExesLengthW
DefineDosDeviceW
WritePrivateProfileStringA
GetCommConfig
EnumSystemLocalesW
GetCommandLineA
VerifyVersionInfoW
HeapSize
GetDiskFreeSpaceExA
SetEndOfFile
SetConsoleTextAttribute
FatalAppExitW
SetSystemTimeAdjustment
SetProcessShutdownParameters
WriteConsoleInputW
FindFirstVolumeMountPointW
GetNamedPipeInfo
ScrollConsoleScreenBufferA
GetCommandLineW
GetCommState
GetConsoleAliasesW
CompareStringA
GetComputerNameW
SetVolumeLabelW
MulDiv
FindResourceExA
SetSystemPowerState
ReadFileEx
GetFullPathNameA
SetFileTime
SetHandleCount
WaitNamedPipeA
SetConsoleMode

advapi32

RegOpenKeyExW

comctl32

ImageList_GetImageRect
ImageList_SetDragCursorImage
ImageList_Destroy
FlatSB_SetScrollPos
ImageList_Remove
FlatSB_EnableScrollBar
ImageList_DragShowNolock
CreatePropertySheetPage
ImageList_Duplicate
CreatePropertySheetPageA
FlatSB_SetScrollInfo
FlatSB_GetScrollRange
PropertySheetA
ImageList_SetImageCount
ord13
ImageList_GetBkColor
ImageList_Copy
ord14
FlatSB_SetScrollRange
ImageList_LoadImageW
ImageList_SetIconSize
DrawStatusText
ImageList_BeginDrag
UninitializeFlatSB
PropertySheetW
CreateToolbarEx
InitMUILanguage
ImageList_EndDrag
ImageList_Draw
ord6
FlatSB_GetScrollPos
ImageList_LoadImage
ImageList_Merge
ImageList_DragMove
ImageList_GetDragImage
ImageList_GetIconSize
_TrackMouseEvent
ord2
ImageList_GetImageInfo
CreatePropertySheetPageW
ImageList_SetBkColor
ImageList_DragEnter
ImageList_Replace
ImageList_DrawIndirect
ImageList_GetImageCount
ord17
ImageList_SetOverlayImage
ord4
ord15
InitializeFlatSB
CreateStatusWindowW
ImageList_Write
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_Create
ImageList_LoadImageA
ImageList_Add
ord8
PropertySheet
FlatSB_GetScrollInfo
FlatSB_GetScrollProp
ord16
ImageList_AddMasked
ImageList_Read
ImageList_SetFilter
ImageList_DragLeave
FlatSB_SetScrollProp
ord3
CreateStatusWindow
GetMUILanguage
InitCommonControlsEx
ImageList_GetIcon

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text11
Size: 263KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text12
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textH3
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH4
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH1
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH5
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH6
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH7
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH8
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH9
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH10
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH11
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81fc10dbb4b074784c2387f6137cd50e

Code Sign

70:e7:24:0e:9c:31:68:6c:b8:90:13:5d:55:bb:50:47Certificate

Extended Key Usages

2c:ed:0b:dd:e9:51:31:46:44:32:ca:af:a5:a4:ca:87:a1:cd:87:3cSigner

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

Sections

.text Size: 4KB - Virtual size: 3KB

.text11 Size: 263KB - Virtual size: 263KB

.text12 Size: 2KB - Virtual size: 1KB

.textH3 Size: 512B - Virtual size: 500B

.textH4 Size: 512B - Virtual size: 500B

.textH1 Size: 512B - Virtual size: 500B

.textH5 Size: 512B - Virtual size: 500B

.textH6 Size: 512B - Virtual size: 500B

.textH7 Size: 512B - Virtual size: 500B

.textH8 Size: 512B - Virtual size: 500B

.textH9 Size: 512B - Virtual size: 500B

.textH10 Size: 512B - Virtual size: 500B

.textH11 Size: 512B - Virtual size: 500B

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

70:e7:24:0e:9c:31:68:6c:b8:90:13:5d:55:bb:50:47
Certificate

2c:ed:0b:dd:e9:51:31:46:44:32:ca:af:a5:a4:ca:87:a1:cd:87:3c
Signer

.text
Size: 4KB - Virtual size: 3KB

.text11
Size: 263KB - Virtual size: 263KB

.text12
Size: 2KB - Virtual size: 1KB

.textH3
Size: 512B - Virtual size: 500B

.textH4
Size: 512B - Virtual size: 500B

.textH1
Size: 512B - Virtual size: 500B

.textH5
Size: 512B - Virtual size: 500B

.textH6
Size: 512B - Virtual size: 500B

.textH7
Size: 512B - Virtual size: 500B

.textH8
Size: 512B - Virtual size: 500B

.textH9
Size: 512B - Virtual size: 500B

.textH10
Size: 512B - Virtual size: 500B

.textH11
Size: 512B - Virtual size: 500B

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB