bf90bb143f9ea9758e0158710c8ea43e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bf90bb143f9ea9758e0158710c8ea43e_JaffaCakes118
Size

44KB
MD5

bf90bb143f9ea9758e0158710c8ea43e
SHA1

ef78578080fc85d876aba2661067402d01f4eb36
SHA256

c72618202acb4d03f33de4303543f8f8018b0b314796f5f5474f4689b3d6e6b6
SHA512

174633729872a3995d76a6f22cccea4c52b1af77461493fd44ca6cffaa8d7bd3e4e421ebfc50aebf8c181c5de012026296055253094015bc6be901b7cbd1767f
SSDEEP

768:GTISARlfesh89ui2JFiiEO1v4Lz7CYIaRU1VrVm9JjaXPXIKAjHslK1ycD:h9eX52XA2kU1xg9Q

Score

1^/10

Malware Config

Signatures

Files

bf90bb143f9ea9758e0158710c8ea43e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

323084440404fc4807174482dfc9de09

Code Sign

3c:da:f6:17:6a:07:10:59:b3:d3:1d:9b:80:0a:71:f8
Certificate

Issuer

CN=K6cyVsKULMDi

Not Before

15/03/2012, 06:18

Not After

31/12/2039, 23:59

Subject

CN=K6cyVsKULMDi

Extended Key Usages

ExtKeyUsageCodeSigning

91:5b:03:0d:de:1c:06:06:eb:db:d6:1b:58:e6:a5:fa:1d:60:52:18
Signer

Actual PE Digest

91:5b:03:0d:de:1c:06:06:eb:db:d6:1b:58:e6:a5:fa:1d:60:52:18

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
CreateFileW
lstrlenW
lstrcpyW
VirtualAlloc

comdlg32

ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
FindTextA
CommDlgExtendedError
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA

advapi32

RegOpenKeyExA

shlwapi

StrCmpIW
StrCmpW
StrCpyW
StrDupW
StrFormatKBSizeW
StrNCatW
StrRStrIA
StrStrIA
StrStrIW
StrStrW
StrTrimA
StrTrimW
UrlCanonicalizeA
UrlCanonicalizeW
UrlHashA
UrlIsA
UrlIsNoHistoryA
UrlUnescapeA
UrlUnescapeW
wnsprintfW
wvnsprintfW
StrCatW
SHSetThreadRef
SHRegWriteUSValueA
SHRegQueryInfoUSKeyW
SHRegGetUSValueW
SHRegGetPathA
SHRegGetBoolUSValueW
SHRegEnumUSValueW
SHRegDuplicateHKey
SHRegDeleteUSValueW
SHRegCloseUSKey
SHQueryInfoKeyA
SHIsLowMemoryMachine
SHGetThreadRef
SHDeleteValueW
SHDeleteValueA
SHDeleteKeyA
ord16
SHCopyKeyW
PathUnquoteSpacesW
PathStripToRootW
PathStripPathA
PathSkipRootA
PathSearchAndQualifyA
PathRenameExtensionA
PathRemoveExtensionW
PathRemoveExtensionA
PathRemoveBlanksW
PathRemoveBlanksA
PathRemoveBackslashW
PathRelativePathToW
PathRelativePathToA
PathMatchSpecA
PathIsUNCServerShareA
PathIsSameRootA
PathIsRootW
PathIsRootA
PathIsPrefixA
PathIsNetworkPathA
PathIsLFNFileSpecA
PathIsFileSpecW
PathIsDirectoryW
PathIsContentTypeA
PathGetDriveNumberW
PathGetArgsA
PathFindFileNameW
PathCombineW
PathCanonicalizeA
PathBuildRootA
PathAppendW
PathAddBackslashW
PathAddBackslashA
GetMenuPosFromID
ColorRGBToHLS
ColorAdjustLuma
ChrCmpIA
AssocQueryKeyW
AssocCreate
SHRegQueryUSValueA

comctl32

CreatePropertySheetPageW
CreateStatusWindow
ord6
CreateStatusWindowW
ord7
CreateToolbarEx
ord16
DrawStatusTextW
FlatSB_EnableScrollBar
FlatSB_GetScrollPos
FlatSB_GetScrollProp
FlatSB_GetScrollRange
CreatePropertySheetPage
FlatSB_SetScrollPos
FlatSB_ShowScrollBar
ord4
GetMUILanguage
ImageList_Add
ImageList_AddIcon
ImageList_AddMasked
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
FlatSB_SetScrollInfo
_TrackMouseEvent
ord3
PropertySheetW
PropertySheetA
ord2
ord14
InitializeFlatSB
InitMUILanguage
InitCommonControlsEx
ord17
ImageList_Write
ImageList_SetOverlayImage
ImageList_SetImageCount
ImageList_SetIconSize
ImageList_SetFilter
ImageList_SetBkColor
ImageList_Replace
ImageList_Remove
ImageList_Read
ImageList_LoadImageW
ImageList_LoadImage
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_GetIcon
ImageList_EndDrag
ImageList_Duplicate
ImageList_DrawIndirect
ImageList_DrawEx
ImageList_Draw
ord8

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.v2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

323084440404fc4807174482dfc9de09

Code Sign

3c:da:f6:17:6a:07:10:59:b3:d3:1d:9b:80:0a:71:f8Certificate

Extended Key Usages

91:5b:03:0d:de:1c:06:06:eb:db:d6:1b:58:e6:a5:fa:1d:60:52:18Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comdlg32

advapi32

shlwapi

comctl32

Sections

.text Size: 31KB - Virtual size: 30KB

.data Size: 512B - Virtual size: 220B

.v2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

3c:da:f6:17:6a:07:10:59:b3:d3:1d:9b:80:0a:71:f8
Certificate

91:5b:03:0d:de:1c:06:06:eb:db:d6:1b:58:e6:a5:fa:1d:60:52:18
Signer

.text
Size: 31KB - Virtual size: 30KB

.data
Size: 512B - Virtual size: 220B

.v2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB