d35d99f573c896b8cb41bd845423e22c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d35d99f573c896b8cb41bd845423e22c_JaffaCakes118
Size

292KB
MD5

d35d99f573c896b8cb41bd845423e22c
SHA1

2e22bccf529ff4b22a4cf52dd765e7a3783c01a3
SHA256

4d35e56658a01bd9aab0006f3cccae46028e7ff4ec93757d970a02b028598c01
SHA512

de6b1766babdb912b4e9124fc42d91d250044a9966428f471305f8887d6fb271a498d63099152eb247f817ad21f89792d27ae0c35040da2a5b174b12851dea6b
SSDEEP

6144:aXSlvdqWLqOKq/B5RyaynzgvGq6JhW76Qgtm0DTSVs:aXS/zLX/B5YzFHvtmA

Score

1^/10

Malware Config

Signatures

Files

d35d99f573c896b8cb41bd845423e22c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3049c6c8c61f31733f57afa91aa73f29

Code Sign

55:58:79:8b:5b:cd:39:61:b0:28:04:21:04:86:2e:4a
Certificate

Issuer

CN=36262356236

Not Before

10/02/2012, 10:35

Not After

31/12/2039, 23:59

Subject

CN=36262356236

Extended Key Usages

ExtKeyUsageCodeSigning

98:1b:12:44:7b:39:82:ed:dd:68:64:6b:b1:61:6d:5f:4c:b7:4e:c6
Signer

Actual PE Digest

98:1b:12:44:7b:39:82:ed:dd:68:64:6b:b1:61:6d:5f:4c:b7:4e:c6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
lstrlenA
lstrcpyA
CreateFileA

user32

SetLastErrorEx
MessageBoxA
ChangeMenuW
IsRectEmpty
DefMDIChildProcW
CloseClipboard
GetListBoxInfo
SetFocus
InsertMenuW
GetWindowTextA
IsCharAlphaA
GetThreadDesktop
GetMenuContextHelpId
GetDesktopWindow
DestroyMenu
GetClassNameW
GetTabbedTextExtentW
GetMessageTime
MessageBeep
LoadKeyboardLayoutW
SetProcessWindowStation
InSendMessageEx
RegisterWindowMessageA
IsChild
CopyRect
DestroyWindow
FindWindowExW
WinHelpW
GrayStringA
GetCaretPos
RegisterDeviceNotificationA
RealGetWindowClass
SendMessageA
GetMenuCheckMarkDimensions
CreateWindowExW
GetIconInfo
wvsprintfW
ValidateRect
InflateRect
LoadCursorFromFileA
DefFrameProcA
LoadKeyboardLayoutA
CopyIcon
DdeFreeDataHandle
OemToCharA
DialogBoxParamA
SetWindowWord
RemoveMenu
DdeGetLastError
GetMenu
CreateCaret
GetMessageA
GetDoubleClickTime
SendIMEMessageExW
CascadeChildWindows
GetKeyboardLayoutNameW
EndDeferWindowPos
SetCapture
ChangeDisplaySettingsW
DdeClientTransaction
wvsprintfA
GetTabbedTextExtentA
SetDeskWallpaper
UnionRect
GetWindowRect
GetSysColorBrush
IsDialogMessageA
BroadcastSystemMessage
TabbedTextOutW
CreateDialogParamA
DdeAccessData
RegisterClipboardFormatA
ScrollDC
CreateAcceleratorTableW
KillTimer
SendMessageTimeoutA
SetWindowsHookExA
ChangeDisplaySettingsExA
SetScrollInfo
OemKeyScan
HideCaret
EnumThreadWindows
MessageBoxIndirectA
DrawMenuBar
CreateDialogIndirectParamA
EnumWindowStationsA
DdeInitializeW
GetMouseMovePointsEx
ValidateRgn
GetWindowTextW
GetClassNameA
DestroyIcon
ClipCursor
GetWindowModuleFileName

comdlg32

ReplaceTextW
FindTextA
ChooseColorA
GetFileTitleW
GetSaveFileNameA
PrintDlgExW
PrintDlgExA
GetOpenFileNameA
GetSaveFileNameW
PrintDlgW
GetOpenFileNameW
PageSetupDlgA
ChooseColorW
CommDlgExtendedError
ChooseFontA
ReplaceTextA
FindTextW
PrintDlgA
ChooseFontW
GetFileTitleA
PageSetupDlgW

comctl32

ImageList_Draw
ImageList_EndDrag
ImageList_GetIcon
DrawStatusText
ord16
ord5
ImageList_Create
ImageList_Add
ImageList_SetBkColor
InitializeFlatSB
CreatePropertySheetPage
FlatSB_EnableScrollBar
ImageList_DragLeave
ord13
ImageList_BeginDrag
ImageList_DrawEx
ImageList_SetFilter
InitCommonControlsEx
GetMUILanguage
FlatSB_GetScrollProp
ImageList_GetImageInfo
FlatSB_GetScrollRange
ImageList_AddIcon
ord3
ImageList_GetBkColor
ImageList_DragMove
ImageList_SetImageCount
ImageList_SetOverlayImage
InitMUILanguage
ImageList_Copy
ImageList_LoadImageA
CreatePropertySheetPageA
ImageList_Replace
CreateToolbarEx
ImageList_SetIconSize
ImageList_GetDragImage
ImageList_DragEnter
ImageList_LoadImage
ImageList_Write
ord8
FlatSB_SetScrollRange
FlatSB_GetScrollInfo
CreatePropertySheetPageW
ImageList_DrawIndirect
ord4
PropertySheetW
ImageList_Duplicate
ImageList_GetImageRect
FlatSB_SetScrollInfo
ImageList_AddMasked
DrawStatusTextW
ImageList_Destroy

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textF
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textF1
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.texth
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3049c6c8c61f31733f57afa91aa73f29

Code Sign

55:58:79:8b:5b:cd:39:61:b0:28:04:21:04:86:2e:4aCertificate

Extended Key Usages

98:1b:12:44:7b:39:82:ed:dd:68:64:6b:b1:61:6d:5f:4c:b7:4e:c6Signer

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

comctl32

Sections

.text Size: 3KB - Virtual size: 3KB

.textF Size: 1024B - Virtual size: 1000B

.textF1 Size: 273KB - Virtual size: 273KB

.texth Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

55:58:79:8b:5b:cd:39:61:b0:28:04:21:04:86:2e:4a
Certificate

98:1b:12:44:7b:39:82:ed:dd:68:64:6b:b1:61:6d:5f:4c:b7:4e:c6
Signer

.text
Size: 3KB - Virtual size: 3KB

.textF
Size: 1024B - Virtual size: 1000B

.textF1
Size: 273KB - Virtual size: 273KB

.texth
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB