bd30ec141ad6b1a53687a506a9d2c6ba_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bd30ec141ad6b1a53687a506a9d2c6ba_JaffaCakes118
Size

288KB
MD5

bd30ec141ad6b1a53687a506a9d2c6ba
SHA1

5f208c4a9bf24afc04cd16f9bde551f8c3e263cf
SHA256

b50a1691c0ad8fb66892fe2d3ff8702f02c874b2b1df6445dc4d0eef4dbf95f7
SHA512

75428ecaa22c0d995991230355a34a06da2a6c6cb2e984241d81e4507c9069ecb0542c7a7441fa5ba857353a6c747c63f99c484887d43a9fc93441287238169d
SSDEEP

6144:wKjBzsuDVxMf3lyUqqLSwAohoRa3wu5z469o0/ZXbYslo:RNsGVwz9A3RXh011lo

Score

1^/10

Malware Config

Signatures

Files

bd30ec141ad6b1a53687a506a9d2c6ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87fe56bbce50b82b59b075d82b50741b

Code Sign

70:e7:24:0e:9c:31:68:6c:b8:90:13:5d:55:bb:50:47
Certificate

Issuer

CN=62esgfdgs

Not Before

23-02-2012 09:44

Not After

31-12-2039 23:59

Subject

CN=62esgfdgs

Extended Key Usages

ExtKeyUsageCodeSigning

6c:6a:1e:5f:96:3f:11:d4:83:4d:8d:e2:18:c0:5c:9b:12:7a:ae:35
Signer

Actual PE Digest

6c:6a:1e:5f:96:3f:11:d4:83:4d:8d:e2:18:c0:5c:9b:12:7a:ae:35

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrlenW
lstrcpyW
CreateFileW
VirtualAlloc
GetEnvironmentVariableA
WaitForSingleObject
GetStdHandle
GetNumberOfConsoleInputEvents
OpenWaitableTimerW
VirtualUnlock
ExpandEnvironmentStringsA
GetCurrentDirectoryW
ResumeThread
Heap32ListFirst
SetFilePointer
lstrcat
DeleteFileW
RtlZeroMemory
CreateJobObjectA
TlsSetValue
FindResourceW
SetSystemTime
SetThreadLocale
LocalShrink
LocalLock
SetConsoleScreenBufferSize
TransmitCommChar
FindResourceExA
GetProfileSectionA
TlsAlloc
GlobalFix
MultiByteToWideChar
MoveFileWithProgressA
GetConsoleOutputCP
HeapFree
lstrcpynW
WriteConsoleOutputCharacterA
GetSystemInfo
OpenJobObjectW
WriteProfileStringA
GetPrivateProfileSectionNamesW
SetupComm
CancelIo
SetMessageWaitingIndicator
GlobalAddAtomW
SetConsoleCP
WaitForDebugEvent
GetProcessTimes
GetSystemWindowsDirectoryA
QueryPerformanceCounter
GetEnvironmentVariableW
SetComputerNameW
SearchPathA
IsBadHugeReadPtr
VerLanguageNameW
TerminateProcess
DefineDosDeviceW
FindNextFileA
SetThreadIdealProcessor
GetFileSize
GetUserDefaultLangID
VerifyVersionInfoA
CancelDeviceWakeupRequest
SetInformationJobObject
SwitchToThread
GetFileAttributesW
SystemTimeToFileTime
WritePrivateProfileStringW
GetThreadSelectorEntry
FindCloseChangeNotification
OpenMutexW
GetComputerNameExA
GetPrivateProfileStringA
GetSystemTimeAdjustment
FindFirstVolumeW
DosDateTimeToFileTime
GetProfileIntW
GetCurrentProcess
CreateEventW
ReadProcessMemory
GetCommandLineA
Module32NextW
GetLogicalDriveStringsA
GlobalDeleteAtom
OpenProcess
CreateFiber
FindFirstChangeNotificationA
ReadConsoleOutputAttribute
DeleteCriticalSection
GetAtomNameW
SetConsoleTitleW
QueryPerformanceFrequency
lstrcatA
DisconnectNamedPipe
WriteFileEx
GetProcessWorkingSetSize
GetPrivateProfileStringW
VerSetConditionMask
GetDiskFreeSpaceW
FindClose
lstrcmpA
GetLargestConsoleWindowSize
ContinueDebugEvent
GetPrivateProfileIntW
DeleteVolumeMountPointW
GetTempPathA
DisableThreadLibraryCalls
SwitchToFiber
OpenFile
MoveFileExW
CreateDirectoryExW
ResetWriteWatch
EnumResourceNamesW
GetLocalTime
GetExitCodeThread
SetConsoleTitleA
FindAtomW
lstrcpynA
GlobalFindAtomA
GetStringTypeA
SetThreadPriorityBoost
GetThreadTimes
GlobalFindAtomW
SetTapePosition
_lclose
InitializeCriticalSectionAndSpinCount
CopyFileW
GetConsoleDisplayMode
EnumSystemLanguageGroupsW
CreateHardLinkA
FoldStringA
ReplaceFile
GetCommTimeouts
GenerateConsoleCtrlEvent
WriteConsoleInputA
CreateConsoleScreenBuffer
RemoveDirectoryA
GetWriteWatch

advapi32

RegOpenKeyExW

comctl32

ImageList_GetIcon
ImageList_LoadImage
ord14
ImageList_SetBkColor
FlatSB_SetScrollPos
ord16
ImageList_GetImageRect
ord3
ord13
CreatePropertySheetPageW
ImageList_Copy
InitMUILanguage
ImageList_BeginDrag
FlatSB_SetScrollProp
InitializeFlatSB
ImageList_Write
ImageList_ReplaceIcon
ImageList_SetImageCount
PropertySheetW
ImageList_SetFilter
CreateStatusWindow
ImageList_GetDragImage
PropertySheet
ImageList_AddMasked
DrawStatusTextW
ord6
PropertySheetA
DestroyPropertySheetPage
ImageList_Create
CreateToolbarEx
ImageList_Destroy
ImageList_Read
FlatSB_GetScrollInfo
FlatSB_GetScrollRange
DrawStatusText
ImageList_GetIconSize
ImageList_GetImageCount
CreatePropertySheetPage
ImageList_SetIconSize
CreatePropertySheetPageA
ord15
ImageList_Duplicate
ImageList_SetOverlayImage
ImageList_EndDrag
ImageList_Merge
FlatSB_ShowScrollBar
ImageList_DragMove
ImageList_Add
ord5
ord17
FlatSB_SetScrollInfo
ImageList_DrawIndirect
ImageList_Remove
UninitializeFlatSB
ImageList_DragLeave
FlatSB_SetScrollRange
ImageList_DragEnter
GetMUILanguage
ImageList_LoadImageW
ImageList_Replace
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_DrawEx
ord4
ImageList_DragShowNolock
ImageList_SetDragCursorImage
ord7
ord2
FlatSB_GetScrollProp

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text11
Size: 263KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text12
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textH3
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH4
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH1
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH5
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH6
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH7
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH8
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH9
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH10
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87fe56bbce50b82b59b075d82b50741b

Code Sign

70:e7:24:0e:9c:31:68:6c:b8:90:13:5d:55:bb:50:47Certificate

Extended Key Usages

6c:6a:1e:5f:96:3f:11:d4:83:4d:8d:e2:18:c0:5c:9b:12:7a:ae:35Signer

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

Sections

.text Size: 4KB - Virtual size: 3KB

.text11 Size: 263KB - Virtual size: 263KB

.text12 Size: 2KB - Virtual size: 1KB

.textH3 Size: 512B - Virtual size: 500B

.textH4 Size: 512B - Virtual size: 500B

.textH1 Size: 512B - Virtual size: 500B

.textH5 Size: 512B - Virtual size: 500B

.textH6 Size: 512B - Virtual size: 500B

.textH7 Size: 512B - Virtual size: 500B

.textH8 Size: 512B - Virtual size: 500B

.textH9 Size: 512B - Virtual size: 500B

.textH10 Size: 512B - Virtual size: 500B

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

70:e7:24:0e:9c:31:68:6c:b8:90:13:5d:55:bb:50:47
Certificate

6c:6a:1e:5f:96:3f:11:d4:83:4d:8d:e2:18:c0:5c:9b:12:7a:ae:35
Signer

.text
Size: 4KB - Virtual size: 3KB

.text11
Size: 263KB - Virtual size: 263KB

.text12
Size: 2KB - Virtual size: 1KB

.textH3
Size: 512B - Virtual size: 500B

.textH4
Size: 512B - Virtual size: 500B

.textH1
Size: 512B - Virtual size: 500B

.textH5
Size: 512B - Virtual size: 500B

.textH6
Size: 512B - Virtual size: 500B

.textH7
Size: 512B - Virtual size: 500B

.textH8
Size: 512B - Virtual size: 500B

.textH9
Size: 512B - Virtual size: 500B

.textH10
Size: 512B - Virtual size: 500B

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB