d20a7c20f0f533ed5d225d27d14a90f0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d20a7c20f0f533ed5d225d27d14a90f0_JaffaCakes118
Size

277KB
MD5

d20a7c20f0f533ed5d225d27d14a90f0
SHA1

073a649e20cf4651d46a69c061a7ef9352b38b3f
SHA256

2fd0b1fcc9c9f17058b74f7ed63709f5e0b5e94969645e8ec3ff8ae0e135d079
SHA512

d17ef5696ad3fe3539a3efa0ca6302ff5e30174100fc9b8f08b53c0a6b023196b49955eb0280f2c6e8c7f8298ffb962e570e5fafeba6f391ea8fac1c255dc676
SSDEEP

6144:T4byG6rzysDrwsSSYXkrD77q3UwQi7IQCAEzoY:TolTkrwsSSY0n77OUZi7pCTo

Score

1^/10

Malware Config

Signatures

Files

d20a7c20f0f533ed5d225d27d14a90f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ef916ac15c55cbd600f3413a6974ca2

Code Sign

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6a
Certificate

Issuer

CN=SDOkUGUnMWwv

Not Before

15/03/2012, 10:39

Not After

31/12/2039, 23:59

Subject

CN=SDOkUGUnMWwv

Extended Key Usages

ExtKeyUsageCodeSigning

a5:e4:f3:df:91:59:d5:a6:8d:bb:19:b1:9d:78:ad:a4:97:d0:09:28
Signer

Actual PE Digest

a5:e4:f3:df:91:59:d5:a6:8d:bb:19:b1:9d:78:ad:a4:97:d0:09:28

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
LoadLibraryW
CreateFileA
GetWindowsDirectoryA
lstrlenA
lstrcpyA
DnsHostnameToComputerNameA
CreateDirectoryA
HeapCompact
EnumUILanguagesA
ReadConsoleInputA
GetLocalTime
SetConsoleTitleA
FindFirstFileExW
SetFilePointerEx
GetStringTypeA
GetSystemTimeAdjustment
GetCompressedFileSizeW
GlobalGetAtomNameW
GetConsoleAliasExesLengthA
ExpandEnvironmentStringsA
GetProcessVersion
DeleteCriticalSection
SetConsoleTextAttribute
DisconnectNamedPipe
CreateMailslotW
IsSystemResumeAutomatic
FlushFileBuffers
GetSystemWindowsDirectoryW
SetComputerNameExW
WriteConsoleA
ReadConsoleOutputAttribute
ResetEvent
ChangeTimerQueueTimer
IsBadWritePtr
lstrcpyn
Module32Next
GetThreadLocale
WriteProfileStringW
WriteConsoleInputW
VerifyVersionInfoA
GetTapePosition
GetSystemTimeAsFileTime
GetVersionExW
GetProcessHeap
SetTapePosition
SetVolumeLabelA
FreeUserPhysicalPages
LocalHandle
GlobalFindAtomW
CreateThread
CreateTimerQueueTimer
GlobalMemoryStatusEx
GlobalAlloc
GetProcessAffinityMask
IsProcessorFeaturePresent
OpenWaitableTimerW
SetComputerNameExA
GetDiskFreeSpaceW
FindFirstChangeNotificationA
GetBinaryTypeA
GetCPInfoExA
Thread32First
FindFirstChangeNotificationW
FindCloseChangeNotification
GetMailslotInfo
GetPrivateProfileSectionA
SetThreadPriority
SetVolumeMountPointW
VirtualQueryEx
SetSystemPowerState
CreateSemaphoreW
SetThreadContext
SetErrorMode
GetTapeParameters
CreateConsoleScreenBuffer
DisableThreadLibraryCalls
TlsSetValue
TerminateJobObject
GetCommandLineW
GlobalUnWire
DosDateTimeToFileTime
GetCompressedFileSizeA
CreateNamedPipeA
GetConsoleCP
DeleteFileW
PrepareTape
BeginUpdateResourceA
Beep
GetBinaryType
HeapReAlloc
SetCurrentDirectoryW
MapUserPhysicalPages
GetEnvironmentVariableA
GetSystemPowerStatus
ReadFileScatter
GetPrivateProfileStructA
OpenEventA
GetConsoleAliasExesA
SetThreadAffinityMask

user32

SetCursor
GetWindowTextW
GetClipboardFormatNameA
EnumDisplaySettingsExA
GetClassWord
RegisterClipboardFormatW
TranslateAcceleratorA
LoadImageW
GetClassLongW
GetDoubleClickTime
DdeCreateStringHandleA
EditWndProc
DrawIconEx
GetClassNameA
DdeEnableCallback
BeginDeferWindowPos
GetIconInfo
OpenWindowStationA
SetDlgItemTextA
GetMouseMovePointsEx
WINNLSGetIMEHotkey
IsDialogMessageA
EnumPropsA
SetScrollRange
GetScrollRange
DestroyMenu
DdeQueryConvInfo
GetMenuItemRect
SetUserObjectSecurity
EnumDisplaySettingsW
SetMessageQueue
GetMessagePos
SetCaretPos
DdeInitializeW
GetThreadDesktop
RegisterWindowMessageW
CharUpperW
GetWindowThreadProcessId
GetCursor
FlashWindowEx
DrawTextExW
AllowSetForegroundWindow
TrackPopupMenuEx
UnregisterClassA
DlgDirSelectExA
GetUpdateRgn
FreeDDElParam
GetClipboardData
WaitMessage
SendMessageCallbackW
IsHungAppWindow
GetKeyNameTextW
SendMessageW
WinHelpW
LoadMenuIndirectW
SetSysColors
GetClipboardOwner
GetNextDlgTabItem
GetKeyboardLayoutNameA
CharPrevExA
GetWindowLongW
SetRect
IsCharAlphaNumericA
CreateIconFromResource
DdeFreeDataHandle
CharLowerW
SetWinEventHook
SetThreadDesktop
DdeReconnect
SetMessageExtraInfo
CheckMenuItem
CreateCursor
DdeQueryStringW
SetDoubleClickTime
ReuseDDElParam
GetTabbedTextExtentW
InsertMenuItemW
DdeGetLastError
MonitorFromWindow
GrayStringW
CreateWindowStationA
CharUpperBuffA
wsprintfW
VkKeyScanW
InvalidateRgn
GetAncestor
CountClipboardFormats
WindowFromPoint
UserHandleGrantAccess
UnloadKeyboardLayout
GetDlgItemInt
SwitchDesktop
CreateDialogIndirectParamW
SendMessageA
RegisterWindowMessageA
TranslateMDISysAccel

comdlg32

PrintDlgA
PrintDlgExW
GetOpenFileNameW
ChooseFontA
GetSaveFileNameW
GetSaveFileNameA
ChooseFontW
PageSetupDlgW
ReplaceTextW
CommDlgExtendedError
ChooseColorA
GetFileTitleA
GetFileTitleW
ReplaceTextA
GetOpenFileNameA
PrintDlgExA
PrintDlgW
FindTextA
ChooseColorW
PageSetupDlgA
FindTextW

advapi32

RegOpenKeyExW

comctl32

ImageList_Remove
ord13
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_DragEnter
ImageList_GetImageInfo
InitMUILanguage
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
ImageList_Destroy
ImageList_Duplicate
ImageList_DragLeave
CreateStatusWindowW
ImageList_DrawEx
InitializeFlatSB
ImageList_DragShowNolock
FlatSB_SetScrollInfo
CreatePropertySheetPageW
ImageList_BeginDrag
ImageList_LoadImageA
ord6
ord4
ImageList_LoadImageW
ImageList_GetImageRect
CreateToolbarEx
InitCommonControlsEx
ord14
GetMUILanguage
ImageList_GetIcon
ImageList_DrawIndirect
_TrackMouseEvent
ord7
CreatePropertySheetPage
ImageList_Replace
CreateStatusWindow
ImageList_DragMove
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetFilter
PropertySheetW
ImageList_EndDrag
ImageList_Read
ord17
ImageList_Create
FlatSB_GetScrollProp
FlatSB_SetScrollProp
ord2
ImageList_SetImageCount
ord3
ImageList_Copy
FlatSB_SetScrollRange
DrawStatusText
ImageList_Draw
ImageList_GetDragImage
UninitializeFlatSB
CreatePropertySheetPageA
ImageList_Add

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

d4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

d3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

d2
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ef916ac15c55cbd600f3413a6974ca2

Code Sign

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6aCertificate

Extended Key Usages

a5:e4:f3:df:91:59:d5:a6:8d:bb:19:b1:9d:78:ad:a4:97:d0:09:28Signer

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

comctl32

Sections

.text Size: 4KB - Virtual size: 3KB

d4 Size: 1024B - Virtual size: 1000B

d3 Size: 1024B - Virtual size: 1000B

d2 Size: 258KB - Virtual size: 257KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6a
Certificate

a5:e4:f3:df:91:59:d5:a6:8d:bb:19:b1:9d:78:ad:a4:97:d0:09:28
Signer

.text
Size: 4KB - Virtual size: 3KB

d4
Size: 1024B - Virtual size: 1000B

d3
Size: 1024B - Virtual size: 1000B

d2
Size: 258KB - Virtual size: 257KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB