d13e939121e6c1f4117a328f80879617_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d13e939121e6c1f4117a328f80879617_JaffaCakes118
Size

209KB
MD5

d13e939121e6c1f4117a328f80879617
SHA1

b1ba95ab314498be517c75d8540c1b6cf5384941
SHA256

d60980dfe07850cbcb692b18afda14b0008c14d5fa8a6f1e3f193d55e1de1808
SHA512

68bfd80b25a7e6a78013d490b13d2a70d31148c80f9c926f891516e2de3589547f3c224ec3ba091bae4af72ec5f9dc76edd613a3201b21cc3c197e6686692046
SSDEEP

3072:N8mdTNXDGyIjH9PRnv6z9yhBMhHfNKN5cBWynXf3u9T/NEdSh2TwRCZRzcGBtJjE:NdDOdJnBUl25cBWi3w+dShGwgbG

Score

1^/10

Malware Config

Signatures

Files

d13e939121e6c1f4117a328f80879617_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2c0b9c45a7e209d5f05af7c3a857870f

Code Sign

44:13:8e:2c:dc:2a:46:a1:43:68:0c:8c:d3:6b:fd:5f
Certificate

Issuer

CN=T3qG1hBuh8Vhlal

Not Before

16/04/2012, 04:53

Not After

31/12/2039, 23:59

Subject

CN=T3qG1hBuh8Vhlal

Extended Key Usages

ExtKeyUsageCodeSigning

7c:9f:ae:d6:62:58:54:b3:12:00:21:7b:aa:08:b2:00:25:e2:64:93
Signer

Actual PE Digest

7c:9f:ae:d6:62:58:54:b3:12:00:21:7b:aa:08:b2:00:25:e2:64:93

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryW
VirtualAlloc
AddConsoleAliasW
Beep
CallNamedPipeA
CallNamedPipeW
CancelIo
ClearCommBreak
CommConfigDialogA
CommConfigDialogW
ConnectNamedPipe
ConvertThreadToFiber
CreateDirectoryExA
CreateDirectoryW
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateHardLinkA
CreateJobObjectW
CreateMailslotW
CreateMutexA
CreateMutexW
CreatePipe
CreateProcessA
CreateThread
CreateTimerQueueTimer
DebugActiveProcess
DeleteFileA
DeleteFileW
DisableThreadLibraryCalls
DuplicateHandle
EnumCalendarInfoA
EnumCalendarInfoExA
EnumDateFormatsA
EnumDateFormatsExA
EnumLanguageGroupLocalesA
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceNamesW
EnumResourceTypesW
EnumSystemCodePagesA
EnumSystemLanguageGroupsA
EnumUILanguagesA
EnumUILanguagesW
EraseTape
EscapeCommFunction
ExitThread
ExpandEnvironmentStringsW
FindAtomA
FindAtomW
FindFirstFileExW
FindFirstVolumeMountPointA
FindFirstVolumeW
FindNextFileA
FindNextVolumeA
FindNextVolumeW
FindResourceExA
FindResourceExW
FoldStringA
FormatMessageW
FreeEnvironmentStringsW
FreeResource
GetAtomNameW
GetCPInfoExW
GetCommConfig
GetCommProperties
GetCommTimeouts
GetCommandLineA
GetComputerNameExA
GetComputerNameExW
GetComputerNameW
GetConsoleAliasExesA
GetConsoleAliasExesW
GetConsoleAliasesA
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetDateFormatA
GetDevicePowerState
GetEnvironmentStringsA
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesW
GetFileSizeEx
GetFileTime
GetFileType
GetLargestConsoleWindowSize
GetLogicalDriveStringsW
GetLongPathNameA
GetMailslotInfo
GetModuleHandleA
GetModuleHandleW
GetNamedPipeHandleStateA
GetNumberFormatA
GetNumberFormatW
GetOEMCP
GetPriorityClass
GetPrivateProfileSectionNamesW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetPrivateProfileStructA
GetProcessAffinityMask
GetProcessIoCounters
GetProcessPriorityBoost
GetProcessShutdownParameters
GetProcessTimes
GetProcessVersion
GetProcessWorkingSetSize
GetProfileIntW
GetProfileSectionW
GetQueuedCompletionStatus
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetSystemDirectoryA
GetSystemTime
GetSystemWindowsDirectoryA
GetTempPathA
GetThreadContext
GetThreadSelectorEntry
GetThreadTimes
GetTimeFormatA
GetUserDefaultLangID
GetVersionExA
GetVolumeInformationA
GetVolumeInformationW
GetVolumeNameForVolumeMountPointW
GetVolumePathNameA
GetWindowsDirectoryW
GlobalAddAtomA
GlobalCompact
GlobalDeleteAtom
GlobalFix
GlobalFlags
GlobalLock
GlobalMemoryStatusEx
GlobalSize
GlobalWire
Heap32First
Heap32ListFirst
HeapCreate
HeapDestroy
HeapReAlloc
HeapSize
InitAtomTable
InterlockedCompareExchange
InterlockedExchangeAdd
IsBadCodePtr
IsBadHugeReadPtr
IsBadStringPtrA
IsValidCodePage
IsValidLocale
LCMapStringW
LocalCompact
LocalFlags
LocalUnlock
Module32First
Module32Next
Module32NextW
MoveFileExW
MultiByteToWideChar
OpenEventW
OpenFileMappingW
OutputDebugStringA
PeekConsoleInputW
Process32First
Process32Next
PulseEvent
QueryInformationJobObject
RaiseException
ReadConsoleInputW
ReadConsoleOutputCharacterA
ReadFileEx
ReadFileScatter
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryA
RequestDeviceWakeup
ResetWriteWatch
RtlFillMemory
RtlMoveMemory
RtlUnwind
ScrollConsoleScreenBufferW
SearchPathA
SetCommBreak
SetCommMask
SetCommState
SetCommTimeouts
SetConsoleCursorInfo
SetConsoleCursorPosition
SetCurrentDirectoryW
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleCount
SetLocaleInfoA
SetLocaleInfoW
SetMessageWaitingIndicator
SetProcessPriorityBoost
SetProcessShutdownParameters
SetProcessWorkingSetSize
SetStdHandle
SetSystemPowerState
SetTapeParameters
SetTapePosition
SetThreadAffinityMask
SetThreadContext
SetThreadPriorityBoost
SetTimeZoneInformation
SetVolumeLabelW
SetVolumeMountPointA
SetVolumeMountPointW
SignalObjectAndWait
Sleep
SleepEx
TerminateProcess
TerminateThread
Thread32First
Toolhelp32ReadProcessMemory
TryEnterCriticalSection
UnregisterWaitEx
VerifyVersionInfoW
WinExec
WriteConsoleOutputAttribute
WriteFile
WriteFileGather
WriteProcessMemory
WriteProfileSectionA
WriteProfileSectionW
WriteTapemark
_lopen
_lread
_lwrite
lstrcatA
lstrcatW
lstrcmp
lstrcmpiA
lstrcpyA
lstrcpyW
lstrcpynA
lstrlenW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
IsDebuggerPresent

user32

BroadcastSystemMessage
CallMsgFilterW
CallWindowProcA
ChangeDisplaySettingsA
ChangeDisplaySettingsExA
ChangeDisplaySettingsW
ChangeMenuW
CharLowerA
CharNextExA
CharNextW
CharToOemA
CharToOemBuffA
CharToOemBuffW
CharUpperA
CheckMenuRadioItem
ClipCursor
CloseClipboard
CloseDesktop
CopyRect
CreateIconFromResource
CreateMDIWindowA
CreateWindowStationW
DdeCmpStringHandles
DdeConnect
DdeConnectList
DdeCreateStringHandleA
DdeEnableCallback
DdeFreeStringHandle
DdeKeepStringHandle
DdeNameService
DdeQueryStringA
DdeQueryStringW
DdeReconnect
DdeSetUserHandle
DefFrameProcW
DefMDIChildProcW
DefWindowProcA
DefWindowProcW
DeregisterShellHookWindow
DestroyCaret
DialogBoxIndirectParamA
DialogBoxIndirectParamW
DialogBoxParamW
DispatchMessageA
DispatchMessageW
DlgDirListW
DlgDirSelectComboBoxExA
DragObject
DrawAnimatedRects
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIcon
DrawStateA
EmptyClipboard
EnableWindow
EndDeferWindowPos
EndPaint
EndTask
EnumDesktopWindows
EnumDisplaySettingsExW
EnumDisplaySettingsW
EnumPropsExA
EnumThreadWindows
EnumWindows
ExitWindowsEx
GetActiveWindow
GetAltTabInfo
GetAltTabInfoA
GetAsyncKeyState
GetCapture
GetClassInfoA
GetClassInfoExW
GetClassInfoW
GetClassLongA
GetClientRect
GetClipboardFormatNameW
GetClipboardOwner
GetClipboardSequenceNumber
GetComboBoxInfo
GetDC
GetDlgCtrlID
GetDoubleClickTime
GetForegroundWindow
GetInputDesktop
GetKBCodePage
GetKeyNameTextA
GetKeyboardLayoutList
GetKeyboardType
GetLastActivePopup
GetListBoxInfo
GetMenuCheckMarkDimensions
GetMenuDefaultItem
GetMenuInfo
GetMenuItemCount
GetMenuItemInfoA
GetMenuItemInfoW
GetMenuItemRect
GetMenuState
GetMenuStringA
GetMenuStringW
GetMessageA
GetProcessWindowStation
GetPropW
GetQueueStatus
GetScrollPos
GetScrollRange
GetShellWindow
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTabbedTextExtentW
GetTitleBarInfo
GetTopWindow
GetUpdateRect
GetUserObjectInformationA
GetUserObjectInformationW
GetUserObjectSecurity
GetWindow
GetWindowModuleFileNameA
GetWindowPlacement
GetWindowRgn
GetWindowTextA
GetWindowTextLengthA
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
GetWindowWord
GrayStringW
HideCaret
HiliteMenuItem
IMPGetIMEW
ImpersonateDdeClientWindow
InSendMessage
InsertMenuA
InvertRect
IsCharAlphaA
IsCharAlphaNumericW
IsCharUpperW
IsHungAppWindow
IsWindow
IsWindowVisible
KillTimer
LoadBitmapA
LoadCursorFromFileA
LoadCursorFromFileW
LoadKeyboardLayoutA
LoadKeyboardLayoutW
LoadMenuW
LoadStringA
LockWorkStation
MapVirtualKeyA
MapVirtualKeyExA
MenuItemFromPoint
MessageBoxW
ModifyMenuA
MonitorFromPoint
MsgWaitForMultipleObjectsEx
NotifyWinEvent
OemToCharBuffA
OemToCharBuffW
OpenDesktopW
OpenWindowStationA
PeekMessageW
PostMessageW
PostThreadMessageW
PtInRect
RealGetWindowClassA
RealGetWindowClassW
RegisterClassA
RegisterClassExW
RegisterClassW
RegisterDeviceNotificationA
RegisterDeviceNotificationW
RegisterWindowMessageA
ReleaseCapture
RemovePropA
RemovePropW
ReplyMessage
ScreenToClient
ScrollWindow
SendDlgItemMessageW
SendIMEMessageExW
SendMessageCallbackA
SendMessageCallbackW
SendMessageTimeoutA
SetActiveWindow
SetCapture
SetCaretBlinkTime
SetCaretPos
SetCursor
SetDebugErrorLevel
SetDeskWallpaper
SetDlgItemTextA
SetDoubleClickTime
SetFocus
SetLayeredWindowAttributes
SetMenuItemBitmaps
SetMenuItemInfoW
SetMessageQueue
SetParent
SetProcessWindowStation
SetPropW
SetScrollInfo
SetSysColors
SetSystemCursor
SetUserObjectSecurity
SetWindowContextHelpId
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowsHookExW
ShowWindow
SubtractRect
SystemParametersInfoA
ToAscii
ToAsciiEx
TranslateAcceleratorA
TranslateMDISysAccel
UnhookWindowsHook
UnhookWindowsHookEx
UnloadKeyboardLayout
UnregisterClassA
UnregisterClassW
UnregisterDeviceNotification
ValidateRect
ValidateRgn
VkKeyScanExW
WINNLSEnableIME
WinHelpA
keybd_event
wvsprintfW
BeginPaint
BeginDeferWindowPos
AttachThreadInput
BringWindowToTop

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c0b9c45a7e209d5f05af7c3a857870f

Code Sign

44:13:8e:2c:dc:2a:46:a1:43:68:0c:8c:d3:6b:fd:5fCertificate

Extended Key Usages

7c:9f:ae:d6:62:58:54:b3:12:00:21:7b:aa:08:b2:00:25:e2:64:93Signer

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 3KB - Virtual size: 3KB

.data2 Size: 183KB - Virtual size: 182KB

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 3KB - Virtual size: 2KB

44:13:8e:2c:dc:2a:46:a1:43:68:0c:8c:d3:6b:fd:5f
Certificate

7c:9f:ae:d6:62:58:54:b3:12:00:21:7b:aa:08:b2:00:25:e2:64:93
Signer

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 3KB - Virtual size: 3KB

.data2
Size: 183KB - Virtual size: 182KB

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 3KB - Virtual size: 2KB