d083e60b071ba075741e659094bb9754_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d083e60b071ba075741e659094bb9754_JaffaCakes118
Size

24KB
MD5

d083e60b071ba075741e659094bb9754
SHA1

e0b5607f713bb654f75d8fea69050f453d48a8a3
SHA256

25a4997b1a44a049235b642fc54b3d13de2c1706687a441750b4b071c7ecdf58
SHA512

dd1b9928ea006dce4865b94703139ee147743996b21a876613ac5f1990a677507fd7fef9f8ecfdcecceb71f892fb3069d4bcb4f1b87e92e908d8180d8d192b16
SSDEEP

384:ik1IYlZ8t9AjQrkyzZjbxKKRZmcZQrQkCXsL25pHJahh4WWieZWZdh:ik1/8wyzvVRAcZwQkVqrHJahhdes

Score

1^/10

Malware Config

Signatures

Files

d083e60b071ba075741e659094bb9754_JaffaCakes118
.exe windows:5 windows x86 arch:x86

72131cbd13137b692b87ec16e067044d

Code Sign

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aa
Certificate

Issuer

CN=yprYsj1KNRia

Not Before

12/03/2012, 12:03

Not After

31/12/2039, 23:59

Subject

CN=yprYsj1KNRia

Extended Key Usages

ExtKeyUsageCodeSigning

63:d0:8e:30:06:7a:1d:71:8e:91:45:08:4e:b5:3d:54:94:41:29:9c
Signer

Actual PE Digest

63:d0:8e:30:06:7a:1d:71:8e:91:45:08:4e:b5:3d:54:94:41:29:9c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrcpyn
lstrcpyA
lstrcmpA
lstrcmp
_hread
WriteFileEx
WriteConsoleW
WinExec
WaitForDebugEvent
TlsAlloc
SwitchToFiber
SetVolumeMountPointW
SetThreadIdealProcessor
SetTapePosition
SetSystemPowerState
SetPriorityClass
SetLocalTime
SetEnvironmentVariableA
SetCurrentDirectoryW
SetConsoleTitleW
SetConsoleMode
SetConsoleCtrlHandler
SetConsoleCP
SetComputerNameW
SetComputerNameExW
SetCommTimeouts
SetCommState
SetCalendarInfoA
RemoveDirectoryW
ReadConsoleInputW
PeekNamedPipe
PeekConsoleInputW
OpenThread
OpenSemaphoreW
MoveFileW
Module32Next
MapViewOfFile
LocalShrink
LoadLibraryExW
LoadLibraryExA
IsBadStringPtrA
InitializeCriticalSectionAndSpinCount
GlobalUnWire
GlobalDeleteAtom
GetTimeZoneInformation
GetModuleHandleA
GetThreadTimes
GetThreadContext
GetTapeParameters
GetStringTypeW
GetStdHandle
GetPrivateProfileIntA
GetModuleFileNameW
GetDiskFreeSpaceExW
GetCurrencyFormatW
GetCurrencyFormatA
GetConsoleScreenBufferInfo
GetConsoleFontSize
GetConsoleAliasExesA
GetComputerNameExA
GetCommandLineA
GetCommProperties
GetACP
GenerateConsoleCtrlEvent
FreeLibraryAndExitThread
FreeConsole
FoldStringW
FlushConsoleInputBuffer
FindVolumeClose
FindNextFileW
FindCloseChangeNotification
FindClose
FillConsoleOutputCharacterW
ExpandEnvironmentStringsW
EscapeCommFunction
EnumTimeFormatsW
EnumSystemLanguageGroupsW
EnumSystemLanguageGroupsA
EnumCalendarInfoExA
DeleteFileW
DeleteFiber
CreateThread
CreateJobObjectW
CreateIoCompletionPort
CreateEventW
CompareFileTime
CommConfigDialogW
CancelTimerQueueTimer
BuildCommDCBAndTimeoutsW
BindIoCompletionCallback
AllocateUserPhysicalPages
GetProcAddress
GetTempPathA

msvcrt

memset

user32

wvsprintfA
wsprintfW
keybd_event
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
TrackPopupMenu
ToAscii
TileChildWindows
SubtractRect
ShowOwnedPopups
SetWinEventHook
SendInput
SendIMEMessageExA
ReleaseCapture
RegisterClassA
RealGetWindowClassA
OpenIcon
OffsetRect
OemToCharW
MsgWaitForMultipleObjectsEx
MoveWindow
MonitorFromRect
MonitorFromPoint
ModifyMenuA
MessageBoxIndirectW
MessageBoxA
MapVirtualKeyExA
MapDialogRect
LookupIconIdFromDirectoryEx
LockWorkStation
LoadIconA
LoadCursorA
IsMenu
InSendMessageEx
ImpersonateDdeClientWindow
IMPGetIMEA
GetWindowTextLengthW
GetUserObjectInformationW
GetTabbedTextExtentA
GetSysColorBrush
GetPropW
GetMonitorInfoW
GetMessageW
GetMessageTime
GetMenuItemCount
GetMenuBarInfo
GetLastInputInfo
GetKeyboardLayout
GetKeyNameTextA
GetInputState
GetDlgItemTextA
GetDlgCtrlID
GetDesktopWindow
GetCursor
GetClipboardFormatNameA
GetClassInfoW
GetClassInfoExW
GetAltTabInfo
FlashWindow
FindWindowExW
FindWindowExA
FindWindowA
EnumWindows
EnumThreadWindows
EnumDesktopsA
EnableScrollBar
DrawTextW
DialogBoxIndirectParamW
DialogBoxIndirectParamA
DestroyAcceleratorTable
DdeQueryStringA
DdeInitializeA
DdeImpersonateClient
CreatePopupMenu
CreateMenu
CreateDialogIndirectParamW
CreateCaret
CopyIcon
CloseWindowStation
ClientToScreen
CheckMenuRadioItem
CharUpperBuffW
CharPrevExA
CharNextW
ChangeMenuW
ChangeMenuA
CascadeChildWindows
CallWindowProcA
CallNextHookEx
AppendMenuW
GetMessageA

gdi32

AddFontResourceTracking
ArcTo
BitBlt
CLIPOBJ_bEnum
CloseEnhMetaFile
CreateBitmap
CreateColorSpaceW
CreateDIBPatternBrushPt
CreateEllipticRgn
CreateFontIndirectW
CreateMetaFileA
CreatePenIndirect
CreatePolygonRgn
CreateRectRgnIndirect
CreateRoundRectRgn
DeleteColorSpace
DeleteDC
EngEraseSurface
EngLoadModule
EngLockSurface
EngQueryEMFInfo
EngStretchBlt
ExtCreateRegion
FONTOBJ_pvTrueTypeFontFile
FillRgn
FlattenPath
GdiCleanCacheDC
GdiConvertBitmapV5
GdiConvertFont
GdiDescribePixelFormat
GdiEntry10
GdiEntry4
GdiEntry5
GdiFixUpHandle
GdiGetLocalDC
GdiResetDCEMF
GdiSetAttrs
GdiSetLastError
GdiValidateHandle
GetBitmapBits
GetCharWidth32A
GetCharacterPlacementW
GetColorSpace
GetDCOrgEx
GetDIBColorTable
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileDescriptionA
GetEnhMetaFileDescriptionW
GetEnhMetaFilePaletteEntries
GetFontUnicodeRanges
GetGlyphIndicesA
GetKerningPairs
GetMetaRgn
GetNearestPaletteIndex
GetObjectA
GetOutlineTextMetricsW
GetPaletteEntries
GetPath
GetPixel
GetStringBitmapW
GetTextMetricsW
GetWindowOrgEx
GetWorldTransform
InvertRgn
ModifyWorldTransform
OffsetViewportOrgEx
PatBlt
Pie
PlgBlt
PolyBezierTo
PolyDraw
PolyPolyline
RemoveFontResourceExW
RemoveFontResourceW
ResetDCA
RestoreDC
RoundRect
STROBJ_vEnumStart
SaveDC
SetBkColor
SetDCBrushColor
SetLayoutWidth
SetMapMode
SetMetaRgn
SetPixelV
SetROP2
SetRectRgn
SetSystemPaletteUse
XFORMOBJ_iGetXform
XLATEOBJ_hGetColorTransform
bMakePathNameW
AddFontResourceA

advapi32

RegOpenKeyExW

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72131cbd13137b692b87ec16e067044d

Code Sign

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aaCertificate

Extended Key Usages

63:d0:8e:30:06:7a:1d:71:8e:91:45:08:4e:b5:3d:54:94:41:29:9cSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

advapi32

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aa
Certificate

63:d0:8e:30:06:7a:1d:71:8e:91:45:08:4e:b5:3d:54:94:41:29:9c
Signer

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB