be719be61af965ff761ca83b225fa792_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

be719be61af965ff761ca83b225fa792_JaffaCakes118
Size

100KB
MD5

be719be61af965ff761ca83b225fa792
SHA1

1a400ea864cb39c20c59c4f73a223f5e6ef3112f
SHA256

7a636bfa6825ca4b27b2618f863980a2718fb9cdc1adc0d652bdd7046642d9dd
SHA512

87bf30b4225884c26132555943247cf075b2aaf42e5450176526af50330a9303de17c1f2090fdecb826bf5999d68ba7dac2ae9cdce2fb6b4d83040310ba36ea7
SSDEEP

1536:w9k3ZYQy2yZVwh3ZeOFjg10mRCVp9QMwbv/viJtqhgmnVY8UlNf:w9k3ZYQz8wh3lE1vCP2Luogmn2HlNf

Score

1^/10

Malware Config

Signatures

Files

be719be61af965ff761ca83b225fa792_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7e0ce1f7d7f7756d80a30bcd8ee9a71d

Code Sign

69:9d:1f:67:c2:f1:c4:4c:b9:38:42:69:f1:79:93:0e
Certificate

Issuer

CN=666666

Not Before

12-02-2012 08:59

Not After

31-12-2039 23:59

Subject

CN=666666

Extended Key Usages

ExtKeyUsageCodeSigning

5d:ad:bf:c4:6a:8a:e2:d1:da:2b:18:d0:41:cb:be:54:e9:df:02:db
Signer

Actual PE Digest

5d:ad:bf:c4:6a:8a:e2:d1:da:2b:18:d0:41:cb:be:54:e9:df:02:db

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringW
GetSystemTimeAsFileTime
GetTempPathA
GetThreadPriority
GetVolumeNameForVolumeMountPointW
GlobalFree
GlobalSize
HeapCompact
HeapCreate
InterlockedIncrement
IsSystemResumeAutomatic
IsValidCodePage
LoadLibraryExW
LocalAlloc
LocalReAlloc
MoveFileWithProgressA
PeekConsoleInputW
PeekNamedPipe
QueryDosDeviceW
QueueUserWorkItem
ReadConsoleOutputCharacterW
ReadConsoleOutputW
ReleaseSemaphore
ResetWriteWatch
GetProfileSectionA
SetComputerNameW
SetConsoleCursorPosition
SetConsoleDisplayMode
SetDefaultCommConfigA
SetFileAttributesW
SetNamedPipeHandleState
SetPriorityClass
SetStdHandle
SetThreadExecutionState
SetThreadLocale
SetThreadPriorityBoost
SizeofResource
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
Thread32First
UnhandledExceptionFilter
VirtualQuery
WriteConsoleInputA
WriteConsoleOutputAttribute
WriteConsoleOutputCharacterA
WritePrivateProfileStructW
lstrcmp
GetProfileIntA
GetNumberFormatA
GetNamedPipeInfo
GetModuleFileNameW
GetModuleFileNameA
GetLogicalDrives
GetFullPathNameA
GetEnvironmentVariableA
CreateFileA
GetEnvironmentStrings
GetDriveTypeA
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
GetDiskFreeSpaceA
GetConsoleOutputCP
GetConsoleMode
GetConsoleAliasExesLengthA
GetCommConfig
GetCPInfoExA
FindVolumeClose
FindResourceW
FindNextVolumeMountPointW
FindNextFileW
FindFirstVolumeMountPointA
FindFirstFileA
FileTimeToDosDateTime
EnumResourceLanguagesW
EnumLanguageGroupLocalesA
DnsHostnameToComputerNameW
DisableThreadLibraryCalls
DeviceIoControl
DeleteTimerQueueTimer
DeleteTimerQueue
DeleteFileA
DefineDosDeviceW
CreateRemoteThread
CreateMailslotA
ConvertDefaultLocale
CommConfigDialogW
CloseHandle
CancelWaitableTimer
CancelDeviceWakeupRequest
BeginUpdateResourceW
BeginUpdateResourceA
BackupSeek
LoadLibraryW
GetProcAddress
VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
SearchPathW

shell32

SHCreateDirectoryExA
Shell_NotifyIcon
ShellExecuteA
ShellAboutA
SHQueryRecycleBinW
SHQueryRecycleBinA
SHPathPrepareForWriteW
SHLoadNonloadedIconOverlayIdentifiers
SHLoadInProc
SHInvokePrinterCommandA
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
SHGetPathFromIDList
SHGetMalloc
CheckEscapesW
CommandLineToArgvW
DoEnvironmentSubstW
DragFinish
DragQueryFile
DragQueryFileAorW
DragQueryFileW
ExtractAssociatedIconExA
ExtractAssociatedIconExW
ExtractAssociatedIconW
ExtractIconExA
ExtractIconExW
ExtractIconW
FindExecutableA
FindExecutableW
SHBrowseForFolderA
SHIsFileAvailableOffline
SHCreateDirectoryExW
SHFileOperationA
SHFileOperationW
SHFormatDrive
SHFreeNameMappings
SHGetDataFromIDListA
SHGetDataFromIDListW
SHGetDesktopFolder
SHGetDiskFreeSpaceExA
SHGetFileInfo
SHGetFileInfoA
SHGetFolderLocation
SHGetFolderPathA
SHGetFolderPathW
SHGetIconOverlayIndexW
SHGetInstanceExplorer

shlwapi

StrChrA
StrChrIA
StrChrW
StrStrW
StrStrIW
StrStrIA
StrRStrIW
StrRStrIA
StrRChrW
StrRChrIA
StrRChrA
StrCmpNW
StrCmpNIW
StrCmpNIA

comctl32

CreatePropertySheetPage
CreatePropertySheetPageW
CreateStatusWindow
ord7
ord15
DrawStatusText
DrawStatusTextW
FlatSB_EnableScrollBar
FlatSB_GetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollRange
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_SetScrollProp
FlatSB_SetScrollRange
FlatSB_ShowScrollBar
ord4
ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Copy
ImageList_Destroy
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DrawIndirect
ImageList_Duplicate
ImageList_EndDrag
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageRect
ImageList_LoadImage
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_SetBkColor
ImageList_SetFilter
ImageList_SetImageCount
ord17
InitializeFlatSB
ord14
ord13
ord2
PropertySheetA
PropertySheetW
ord3
UninitializeFlatSB
_TrackMouseEvent
ord8

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.d1
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.d2
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e0ce1f7d7f7756d80a30bcd8ee9a71d

Code Sign

69:9d:1f:67:c2:f1:c4:4c:b9:38:42:69:f1:79:93:0eCertificate

Extended Key Usages

5d:ad:bf:c4:6a:8a:e2:d1:da:2b:18:d0:41:cb:be:54:e9:df:02:dbSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

shlwapi

comctl32

Sections

.text Size: 85KB - Virtual size: 85KB

.data Size: 512B - Virtual size: 204B

.d1 Size: 1024B - Virtual size: 1000B

.d2 Size: 2KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 277KB

69:9d:1f:67:c2:f1:c4:4c:b9:38:42:69:f1:79:93:0e
Certificate

5d:ad:bf:c4:6a:8a:e2:d1:da:2b:18:d0:41:cb:be:54:e9:df:02:db
Signer

.text
Size: 85KB - Virtual size: 85KB

.data
Size: 512B - Virtual size: 204B

.d1
Size: 1024B - Virtual size: 1000B

.d2
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 277KB