ce77fbcf9872d707346d899cf45d8adf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ce77fbcf9872d707346d899cf45d8adf_JaffaCakes118
Size

4.5MB
MD5

ce77fbcf9872d707346d899cf45d8adf
SHA1

37974ca41af3ccd1c6b16647e11f2d4654e75507
SHA256

50a621dbfab0e1bc3104e9cbe9464d55da7f9e64621084677dc387ce387103fd
SHA512

f16cb3b98867aff44d9be121308f186be69c75ecbcbb1868198e58a052d0bc8b5f018dfa0570aa80985bbcc12ecfbb2c1fa3f116f186ee61542a934750f536a7
SSDEEP

98304:M+lm2I3WnGapJV8J6jjqNPg6DffDKTF1/i8HYWbss26xXiYiNC28M:62I3kGaRzPC3DqFpilWQs26xXSCRM

Score

1^/10

Malware Config

Signatures

Files

ce77fbcf9872d707346d899cf45d8adf_JaffaCakes118
.rar
155绿色软件站.url
.url
InstantDemoPro.exe
.exe windows:4 windows x86 arch:x86

c1fa56cc8e5644042e59c22709d2250f

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

f3:eb:88:68:53:f9:55:2a:05:3e:f7:f7:3f:43:8e:5e
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

28/05/2008, 00:00

Not After

28/05/2011, 23:59

Subject

CN=NetPlay Software,O=NetPlay Software,POSTALCODE=2526,STREET=47 Tamarind Drive,L=Unanderra,ST=NSW,C=AU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c7:b6:dd:d0:db:4a:06:9d:c8:1f:e5:92:87:cc:3f:b6:d7:99:7c:3e
Signer

Actual PE Digest

c7:b6:dd:d0:db:4a:06:9d:c8:1f:e5:92:87:cc:3f:b6:d7:99:7c:3e

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

kernel32

FindFirstFileA
CreateDirectoryA
RemoveDirectoryA
FormatMessageA
ReadFile
GetSystemDirectoryA
GetWindowsDirectoryA
GetTempPathA
GetEnvironmentVariableA
GetLogicalDriveStringsA
GetDriveTypeA
GetStringTypeExA
GetTempFileNameA
FindNextFileA
CreateProcessA
GetExitCodeProcess
GetVersion
lstrcmpA
GetDiskFreeSpaceA
GetModuleHandleA
MulDiv
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
OutputDebugStringA
LoadLibraryExA
GetSystemDefaultLangID
EnumResourceLanguagesA
lstrcmpiA
GlobalMemoryStatus
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
InterlockedIncrement
InterlockedDecrement
IsDBCSLeadByte
lstrcpynA
MultiByteToWideChar
lstrlenW
CreateMutexA
GetFileAttributesA
SetFileAttributesA
CopyFileA
ExitProcess
DebugBreak
HeapSize
HeapReAlloc
HeapDestroy
LocalAlloc
FindClose
lstrlenA
HeapFree
GetProcessHeap
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetStartupInfoA
GetSystemTimeAsFileTime
lstrcatA
lstrcpyA
VirtualProtect
InitializeCriticalSection
DeleteCriticalSection
RaiseException
GetModuleFileNameA
GetProcAddress
LoadLibraryA
ResetEvent
Sleep
FlushFileBuffers
WriteFile
MoveFileA
DeleteFileA
GetFileSize
SetFilePointer
CreateFileA
FindResourceExA
LoadResource
LockResource
SizeofResource
FindResourceA
WideCharToMultiByte
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CreateEventA
SetEvent
GetExitCodeThread
WaitForSingleObject
GetLastError
CreateThread
CloseHandle
FreeLibrary
VirtualAlloc
GetSystemInfo
VirtualQuery
GetUserDefaultLangID
RtlUnwind

user32

GetWindowDC
SetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
GetSubMenu
LoadMenuA
TrackPopupMenu
EnableMenuItem
ExitWindowsEx
GetDC
GetSystemMetrics
SetFocus
DestroyMenu
ModifyMenuA
GetSystemMenu
ReleaseDC
LoadIconA
DefWindowProcA
CallWindowProcA
InvalidateRect
RedrawWindow
ShowWindow
CreateWindowExA
DestroyWindow
RemovePropA
SetPropA
IsWindow
PostMessageA
MessageBoxA
KillTimer
EnableWindow
SetTimer
IsDialogMessageA
CreateDialogParamA
LoadImageA
PostQuitMessage
DialogBoxParamA
GetActiveWindow
LoadStringA
SetWindowLongA
SendMessageA
GetWindowLongA
GetWindow
SystemParametersInfoA
GetWindowRect
ScreenToClient
GetPropA
GetParent
GetClientRect
MapWindowPoints
SetWindowPos
SetWindowTextA
GetDlgItem
UnregisterClassA
CharNextA
GetDesktopWindow
IsWindowVisible
wvsprintfA
EndDialog

gdi32

SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetWindowExtEx
GetViewportExtEx
SetMapMode
GetMapMode
DeleteDC
DeleteObject
GetDeviceCaps

advapi32

UnlockServiceDatabase
LockServiceDatabase
OpenSCManagerA
RegQueryInfoKeyA
RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegOpenKeyA
RegEnumKeyExA
CloseServiceHandle

shell32

ShellExecuteA
ShellExecuteExA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA

ole32

CoTaskMemFree
CoInitialize
CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemAlloc
CoUninitialize
CoCreateInstance

oleaut32

VarUI4FromStr
OleLoadPicture

comctl32

PropertySheetA
CreatePropertySheetPageA
DestroyPropertySheetPage

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1fa56cc8e5644042e59c22709d2250f

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

f3:eb:88:68:53:f9:55:2a:05:3e:f7:f7:3f:43:8e:5eCertificate

Extended Key Usages

Key Usages

c7:b6:dd:d0:db:4a:06:9d:c8:1f:e5:92:87:cc:3f:b6:d7:99:7c:3eSigner

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 112KB - Virtual size: 112KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 56KB - Virtual size: 55KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

f3:eb:88:68:53:f9:55:2a:05:3e:f7:f7:3f:43:8e:5e
Certificate

c7:b6:dd:d0:db:4a:06:9d:c8:1f:e5:92:87:cc:3f:b6:d7:99:7c:3e
Signer

.text
Size: 112KB - Virtual size: 112KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 56KB - Virtual size: 55KB