c0ec06148a17e5fd9e76ee03e1ce2b8f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c0ec06148a17e5fd9e76ee03e1ce2b8f_JaffaCakes118
Size

54KB
MD5

c0ec06148a17e5fd9e76ee03e1ce2b8f
SHA1

93c3ce5f2a71f443971662f7ee8ef508c5bde418
SHA256

9bd2f3d797bb07851a0efdf355a870bfd1da8393fa27551ed00d19b93b09c54a
SHA512

28c407f102c0bac19ca71c72f114428634a85cdac9a4949bb00571c72f2620579e4f9c2e91751c281f48e497c4f16fe165375325cd2319c79c56b117dc473c8e
SSDEEP

768:Zxppc6AGzmNMdcfLA6BL3eRc9dbzhoqvk+XTNbSyGuSe8MYYdJxsEj:ZxpzZzmNu8iRibFo6k+jNvSXYjx5

Score

1^/10

Malware Config

Signatures

Files

c0ec06148a17e5fd9e76ee03e1ce2b8f_JaffaCakes118
.dll windows:5 windows x86 arch:x86

1ebc5d281a20a8226c4ad98894cc4f92

Code Sign

52:88:4c:dc:6e:54:bb:74:b3:20:50:62:ff:c3:1c:13
Certificate

Issuer

CN=CFFg53E8lKBpKh178EXAL5wk5

Not Before

17-04-2012 06:45

Not After

31-12-2039 23:59

Subject

CN=CFFg53E8lKBpKh178EXAL5wk5

Extended Key Usages

ExtKeyUsageCodeSigning

b2:b8:e0:e2:4a:94:82:e0:b3:fb:53:32:69:3d:88:88:e9:ed:23:51
Signer

Actual PE Digest

b2:b8:e0:e2:4a:94:82:e0:b3:fb:53:32:69:3d:88:88:e9:ed:23:51

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetWindowsDirectoryA
AddAtomA
Beep
BindIoCompletionCallback
CallNamedPipeW
CloseHandle
CreateDirectoryExW
CreateFileMappingA
CreateFileW
CreateNamedPipeA
CreateProcessW
CreateRemoteThread
CreateTimerQueue
DeleteFiber
DeleteTimerQueue
DisableThreadLibraryCalls
EnumDateFormatsA
EnumLanguageGroupLocalesA
EnumSystemCodePagesW
EnumSystemLocalesW
ExitProcess
FatalExit
FindClose
FindFirstVolumeA
FindNextFileA
FindNextVolumeA
FindVolumeMountPointClose
FreeResource
GetCPInfo
GetCompressedFileSizeW
GetConsoleAliasExesA
GetConsoleAliasExesW
GetConsoleAliasesA
GetConsoleFontSize
GetCurrentProcess
GetDefaultCommConfigW
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
GetEnvironmentStringsA
GetEnvironmentVariableA
GetFileSizeEx
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleW
GetNumberFormatW
GetPrivateProfileIntA
GetPrivateProfileSectionNamesW
GetPrivateProfileStringA
GetStartupInfoW
GetSystemInfo
GetThreadContext
GetThreadPriority
lstrcatA
GetVersionExW
GlobalFindAtomA
GlobalGetAtomNameA
GlobalHandle
GlobalUnlock
Heap32ListFirst
Heap32ListNext
HeapFree
InterlockedExchange
InterlockedIncrement
LocalLock
LockResource
MapViewOfFile
Module32First
Module32FirstW
MoveFileA
MoveFileExW
PeekConsoleInputA
PeekNamedPipe
PrepareTape
ReadConsoleA
ReadFileEx
ReplaceFile
SearchPathW
SetCommState
SetCommTimeouts
SetComputerNameW
SetConsoleDisplayMode
SetConsoleScreenBufferSize
SetDefaultCommConfigW
SetEnvironmentVariableA
SetFilePointerEx
SetProcessPriorityBoost
SetProcessWorkingSetSize
SetThreadPriorityBoost
SuspendThread
SystemTimeToFileTime
TlsSetValue
UpdateResourceA
VirtualQuery
WaitForDebugEvent
WaitForSingleObject
WaitNamedPipeW
WideCharToMultiByte
WriteConsoleOutputCharacterA
WritePrivateProfileSectionW
WriteProfileStringW
_lwrite
lstrcatW
lstrcpy
lstrcpynA
lstrlenW
CreateFileA
GetTimeZoneInformation
VirtualAllocEx

user32

SetFocus
SetForegroundWindow
SetMenuInfo
SetMenuItemBitmaps
SetMenuItemInfoA
SetMenuItemInfoW
SetMessageExtraInfo
SetMessageQueue
SetParent
SetProcessDefaultLayout
SetPropA
SetPropW
SetScrollPos
SetScrollRange
SetSysColors
SetTimer
SetUserObjectInformationW
SetUserObjectSecurity
SetWinEventHook
SetWindowLongA
SetWindowTextA
SetWindowWord
SetWindowsHookA
SetWindowsHookExW
ShowWindowAsync
SwapMouseButton
TabbedTextOutA
TileWindows
ToAscii
ToUnicodeEx
TrackPopupMenu
TrackPopupMenuEx
UnhookWinEvent
UnpackDDElParam
UnregisterClassA
UpdateLayeredWindow
UpdateWindow
UserHandleGrantAccess
ValidateRgn
VkKeyScanA
WINNLSGetIMEHotkey
WaitForInputIdle
WaitMessage
WinHelpA
WinHelpW
mouse_event
wvsprintfA
wvsprintfW
SetDlgItemTextW
SetDlgItemTextA
SetClipboardViewer
SetClassWord
SendNotifyMessageW
SendNotifyMessageA
SendMessageTimeoutA
SendMessageA
ScrollDC
ReuseDDElParam
RemovePropW
ReleaseDC
RegisterDeviceNotificationW
RedrawWindow
PtInRect
PostMessageW
PostMessageA
PackDDElParam
OpenWindowStationA
OpenInputDesktop
OffsetRect
OemToCharBuffW
OemToCharA
OemKeyScan
NotifyWinEvent
MonitorFromPoint
MessageBoxIndirectA
MapVirtualKeyExA
LookupIconIdFromDirectoryEx
LoadKeyboardLayoutW
LoadKeyboardLayoutA
LoadImageA
LoadIconW
LoadBitmapA
LoadAcceleratorsW
LoadAcceleratorsA
IsWindowVisible
IsRectEmpty
IsDlgButtonChecked
IsDialogMessageA
IsDialogMessage
IsCharUpperA
IsCharLowerW
IsCharLowerA
InvertRect
InvalidateRgn
InternalGetWindowText
InsertMenuW
InsertMenuItemW
ImpersonateDdeClientWindow
IMPQueryIMEW
IMPGetIMEW
IMPGetIMEA
HideCaret
GrayStringW
GetWindowWord
GetWindowTextLengthA
GetWindowLongA
GetWindowContextHelpId
GetWindow
GetUserObjectSecurity
GetSysColorBrush
GetSysColor
GetScrollRange
GetQueueStatus
GetPropW
GetPriorityClipboardFormat
GetParent
GetNextDlgGroupItem
GetMonitorInfoA
GetMessageExtraInfo
GetMessageA
GetMenuStringA
GetMenuState
GetMenuItemInfoW
GetMenuItemInfoA
GetMenuDefaultItem
GetMenuContextHelpId
GetMenuBarInfo
GetListBoxInfo
GetLastActivePopup
GetKeyboardType
GetKeyboardState
GetKeyboardLayoutList
GetKeyState
GetKeyNameTextA
GetKBCodePage
GetInputState
GetIconInfo
GetGUIThreadInfo
GetDlgItemTextA
GetDlgItem
GetCursorPos
GetCursorInfo
GetCursor
GetClipboardViewer
GetClipboardSequenceNumber
GetClipboardFormatNameA
GetCaretBlinkTime
GetAsyncKeyState
GetAncestor
GetAltTabInfo
GetActiveWindow
FreeDDElParam
FrameRect
FindWindowExW
ExitWindowsEx
EqualRect
EnumThreadWindows
EnumPropsW
EnumPropsA
EnumDisplayDevicesW
EnumDesktopWindows
EnumChildWindows
EndTask
EnableScrollBar
EmptyClipboard
DrawTextW
DrawStateW
DrawIconEx
DrawFrameControl
DrawCaption
DrawAnimatedRects
DragDetect
DlgDirSelectExW
DlgDirSelectExA
DlgDirListW
DlgDirListComboBoxA
DispatchMessageW
DispatchMessageA
DialogBoxParamW
DialogBoxIndirectParamW
DestroyWindow
DestroyIcon
DeregisterShellHookWindow
DefMDIChildProcA
DefFrameProcW
DdeUnaccessData
DdeReconnect
DdeInitializeW
DdeInitializeA
DdeImpersonateClient
DdeFreeDataHandle
DdeCreateStringHandleW
DdeCreateStringHandleA
DdeConnectList
DdeCmpStringHandles
DdeAccessData
DdeAbandonTransaction
CreateWindowStationA
CreateMDIWindowW
CreateIconFromResourceEx
CreateIcon
CreateDialogParamW
CreateDialogParamA
CreateDialogIndirectParamW
CreateDialogIndirectParamA
CreateCursor
CreateCaret
CountClipboardFormats
CopyImage
CopyIcon
CopyAcceleratorTableA
CloseDesktop
ClientToScreen
ChildWindowFromPointEx
CharUpperW
CharUpperBuffW
CharUpperBuffA
CharPrevA
CharNextA
CharLowerW
ChangeMenuW
ChangeMenuA
ChangeDisplaySettingsExW
ChangeDisplaySettingsA
CascadeChildWindows
CallWindowProcA
CallNextHookEx
CallMsgFilterW
CallMsgFilter
BringWindowToTop
BlockInput
AppendMenuW
AppendMenuA
AllowSetForegroundWindow
AdjustWindowRectEx
AdjustWindowRect
LoadStringW

advapi32

RegOpenKeyW
RegCloseKey

shlwapi

UrlUnescapeW
UrlIsW
UrlIsOpaqueW
UrlIsOpaqueA
UrlIsNoHistoryW
UrlIsNoHistoryA
UrlIsA
UrlHashA
UrlGetLocationA
UrlEscapeW
UrlEscapeA
UrlCreateFromPathW
UrlCreateFromPathA
UrlCompareA
UrlCombineW
UrlCanonicalizeW
UrlApplySchemeW
StrTrimW
StrToIntW
StrToIntExA
StrStrIW
StrStrIA
StrStrA
StrRetToStrW
StrRetToStrA
StrRetToBufW
StrRStrIW
StrRStrIA
StrRChrW
StrRChrIW
StrRChrA
StrPBrkW
StrPBrkA
StrFromTimeIntervalW
StrFormatKBSizeA
StrFormatByteSizeA
StrFormatByteSize64A
wnsprintfA
StrCpyW
StrCmpW
StrCmpNW
StrCmpNIW
StrCmpNIA
StrCmpIW
StrChrIW
StrChrIA
StrChrA
StrCatW
StrCatBuffW
StrCatBuffA
StrCSpnW
StrCSpnIW
StrCSpnIA
StrCSpnA
SHSkipJunction
SHSetValueA
SHSetThreadRef
SHRegWriteUSValueW
SHRegSetUSValueW
SHRegSetUSValueA
SHRegSetPathA
SHRegQueryUSValueW
SHRegQueryUSValueA
SHRegQueryInfoUSKeyW
SHRegQueryInfoUSKeyA
SHRegOpenUSKeyW
SHRegGetUSValueA
SHRegGetPathW
SHRegGetPathA
SHRegGetBoolUSValueW
SHRegGetBoolUSValueA
SHRegEnumUSValueW
SHRegEnumUSKeyW
SHRegEnumUSKeyA
SHRegDuplicateHKey
SHRegDeleteUSValueW
SHRegDeleteUSValueA
SHRegDeleteEmptyUSKeyW
SHRegDeleteEmptyUSKeyA
SHRegCreateUSKeyW
SHRegCloseUSKey
SHQueryValueExW
SHQueryInfoKeyW
SHOpenRegStreamW
SHOpenRegStreamA
SHOpenRegStream2A
SHIsLowMemoryMachine
SHGetInverseCMAP
SHEnumValueW
SHEnumKeyExA
SHDeleteValueW
SHDeleteKeyA
SHDeleteEmptyKeyW
SHDeleteEmptyKeyA
SHCopyKeyA
PathUnquoteSpacesA
PathUnmakeSystemFolderW
PathUnmakeSystemFolderA
PathUndecorateW
PathUnExpandEnvStringsW
PathUnExpandEnvStringsA
PathStripToRootA
PathStripPathA
PathSkipRootA
PathSetDlgItemPathW
PathSetDlgItemPathA
PathSearchAndQualifyW
PathRenameExtensionA
PathRemoveExtensionW
PathRemoveExtensionA
PathRemoveBlanksW
PathRemoveBlanksA
PathRemoveBackslashA
PathRemoveArgsW
PathRelativePathToW
PathQuoteSpacesW
PathQuoteSpacesA
PathMatchSpecA
PathMakeSystemFolderW
PathMakeSystemFolderA
PathIsURLW
PathIsURLA
PathIsUNCW
PathIsUNCServerShareW
PathIsUNCServerShareA
PathIsUNCServerA
PathIsUNCA
PathIsSameRootW
PathIsSameRootA
PathIsRootW
PathIsRootA
PathIsRelativeW
PathIsLFNFileSpecW
PathIsLFNFileSpecA
PathIsFileSpecA
PathIsDirectoryEmptyW
PathIsDirectoryEmptyA
PathIsDirectoryA
PathIsContentTypeW
PathIsContentTypeA
PathGetDriveNumberW
PathGetDriveNumberA
PathGetCharTypeW
PathGetCharTypeA
PathGetArgsA
PathFindSuffixArrayW
PathFindSuffixArrayA
PathFindOnPathW
PathFindOnPathA
PathFindNextComponentW
PathFindNextComponentA
PathFindFileNameW
PathFindExtensionW
PathFindExtensionA
PathFileExistsW
PathFileExistsA
PathCreateFromUrlW
PathCreateFromUrlA
PathCompactPathW
PathCompactPathExW
PathCompactPathExA
PathCommonPrefixW
PathCombineA
PathCanonicalizeW
PathCanonicalizeA
PathAppendW
PathAppendA
PathAddExtensionW
PathAddExtensionA
PathAddBackslashW
PathAddBackslashA
IntlStrEqWorkerW
IntlStrEqWorkerA
HashData
ColorRGBToHLS
ChrCmpIW
ChrCmpIA
AssocQueryStringW
AssocQueryStringByKeyW
AssocQueryStringByKeyA
AssocQueryStringA
AssocCreate
wvnsprintfA
wvnsprintfW
StrDupA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ebc5d281a20a8226c4ad98894cc4f92

Code Sign

52:88:4c:dc:6e:54:bb:74:b3:20:50:62:ff:c3:1c:13Certificate

Extended Key Usages

b2:b8:e0:e2:4a:94:82:e0:b3:fb:53:32:69:3d:88:88:e9:ed:23:51Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 5KB - Virtual size: 4KB

.text2 Size: 26KB - Virtual size: 25KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 512B - Virtual size: 100B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 3KB - Virtual size: 2KB

52:88:4c:dc:6e:54:bb:74:b3:20:50:62:ff:c3:1c:13
Certificate

b2:b8:e0:e2:4a:94:82:e0:b3:fb:53:32:69:3d:88:88:e9:ed:23:51
Signer

.text
Size: 5KB - Virtual size: 4KB

.text2
Size: 26KB - Virtual size: 25KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 100B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 3KB - Virtual size: 2KB