d41f902f606e92329edf269bcd02c794_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d41f902f606e92329edf269bcd02c794_JaffaCakes118
Size

278KB
MD5

d41f902f606e92329edf269bcd02c794
SHA1

8da07dff5566b1d7e8c8ad438d1260df4f2cb0bd
SHA256

997eb37a5c2b369874fd7101838313203d0994d5dd67f504b08887a2780c9d91
SHA512

ec6260be3c2490951598e0eb687757ce24714aff7ec8d84115884e0e9d0f01bde8f8be57f34af6ec6bb23edeaaaa704dc0fead6d98bb07513e6e59891bb07e8b
SSDEEP

6144:h9e3nK6rVpBwZsX7eA0dRfjOeFafRqh56ql11wihRoruV0:7G3rVCsreA0vSlfRG56qD1t4uV0

Score

1^/10

Malware Config

Signatures

Files

d41f902f606e92329edf269bcd02c794_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13bcfa720ba11710c612114c934b3152

Code Sign

5f:fd:31:a5:af:fc:db:67:bc:d7:e2:37:58:62:72:dd
Certificate

Issuer

CN=Avast

Not Before

21/02/2011, 10:53

Not After

31/12/2039, 23:59

Subject

CN=Avast

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f5:6b:c3:9d:93:27:c9:33:32:fa:f5:f3:5b:9e:67:e5:51:2e:d2:e6
Signer

Actual PE Digest

f5:6b:c3:9d:93:27:c9:33:32:fa:f5:f3:5b:9e:67:e5:51:2e:d2:e6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Destroy
ImageList_Draw
InitCommonControlsEx
ImageList_LoadImageW
InitCommonControls
ImageList_AddMasked
_TrackMouseEvent
ImageList_GetImageInfo

ole32

CreateStreamOnHGlobal

advapi32

RegCreateKeyW
RegSetValueExW
RevertToSelf
CheckTokenMembership
RegOpenKeyExA
GetTokenInformation
OpenProcessToken
FreeSid
RegOpenKeyW
RegQueryValueExA
RegCloseKey
ImpersonateNamedPipeClient
RegQueryValueExW
AllocateAndInitializeSid
OpenThreadToken

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

GetSystemTimeAsFileTime
GlobalAlloc
SetFileAttributesW
CreateMutexW
CancelIo
ProcessIdToSessionId
ReleaseMutex
GetFileSize
GetSystemDefaultLCID
GetWindowsDirectoryW
GetComputerNameExW
GetCurrentThread
WideCharToMultiByte
WaitNamedPipeW
GetCurrentThreadId
GetModuleFileNameW
SetLastError
GetOverlappedResult
OpenThread
GetACP
WriteFile
DeleteFileW
LocalFree
ResetEvent
GlobalLock
UnmapViewOfFile
GetLastError
LoadLibraryA
GetExitCodeThread
CompareStringW
SetUnhandledExceptionFilter
GetCurrentDirectoryW
GetFileAttributesW
GetSystemTime
FindResourceW
FreeLibrary
GetSystemDirectoryW
Sleep
GetVersionExW
InterlockedDecrement
SetFilePointer
CreateEventW
LoadLibraryW
MapViewOfFile
ResumeThread
GetTickCount
GetProcAddress
CreateFileMappingW
SetThreadPriority
CompareFileTime
GetExitCodeProcess
SystemTimeToFileTime
MoveFileExW
WaitForMultipleObjects
ConnectNamedPipe
InterlockedExchange
SetEvent
DisconnectNamedPipe
MultiByteToWideChar
CloseHandle
SetNamedPipeHandleState
GetCurrentProcessId
WaitForSingleObject
LocalAlloc
GetLocalTime
VirtualAlloc
InterlockedIncrement
GetModuleHandleW
SetProcessWorkingSetSize
CreateFileW
VirtualFree
InterlockedCompareExchange
GetCurrentProcess
CreateFileMappingA
GetComputerNameW
CreateNamedPipeW
GlobalFree
LoadResource
GetTempPathW
FileTimeToSystemTime
SetEndOfFile
ReadFile
GetSystemInfo
FlushFileBuffers
GetModuleHandleA
LockResource
CreateProcessW

user32

RedrawWindow
GetMenuItemID
SetMenuDefaultItem
GetCursorPos
GetScrollPos
EnumChildWindows
SendMessageTimeoutW
SetWindowPos
GetAncestor
ModifyMenuW
GetMessagePos
FillRect
LoadIconW
SetParent
SetWindowTextW
GetForegroundWindow
MessageBoxW
GetSystemMetrics
BeginDeferWindowPos
GetDesktopWindow
EnableWindow
GetWindow
IsWindow
DispatchMessageW
TranslateMessage
SystemParametersInfoA
SetPropW
IsWindowEnabled
GetClassNameW
GetDC
MapWindowPoints
GetSysColor
DefWindowProcW
SetWindowRgn
GetWindowThreadProcessId
ReleaseDC
AnimateWindow
GetLastActivePopup
FindWindowW
BeginPaint
DrawFocusRect
GetSystemMenu
GetClientRect
GetPropW
EnableMenuItem
LoadImageW
GetMenuItemInfoW
GetWindowTextLengthW
EmptyClipboard
FlashWindowEx
SetRectEmpty
FindWindowExW
InflateRect
GetMessageW
IsIconic
GetWindowTextW
IsMenu
CopyRect
FrameRect
IsWindowVisible
GetSysColorBrush
SetRect
CloseClipboard
ReleaseCapture
GetIconInfo
GetWindowRect
MessageBeep
SetWindowPlacement
GetFocus
KillTimer
InvalidateRect
IsRectEmpty
LoadCursorW
DestroyIcon
GetDoubleClickTime
GetWindowLongW
SetFocus
CallWindowProcW
EndDeferWindowPos
RegisterWindowMessageW
GetDlgCtrlID
AppendMenuW
SetScrollInfo
CreatePopupMenu
CreateMenu
GetNextDlgTabItem
PostQuitMessage
InsertMenuItemW
DestroyMenu
OpenClipboard
GetScrollInfo
SetClipboardData
SendMessageW
GetScrollRange
EndPaint
SystemParametersInfoW
LoadMenuW
IsZoomed
PostThreadMessageW
RegisterClassExW
InsertMenuW
SetForegroundWindow
DeferWindowPos
EnumWindows
DrawIconEx
DestroyWindow
OffsetRect
ShowWindow
ScreenToClient
SetCapture
GetMenuItemCount
GetActiveWindow
GetWindowPlacement
GetDlgItem
TrackPopupMenu
GetSubMenu
AttachThreadInput
MoveWindow
GetParent
RemovePropW
RemoveMenu
ClientToScreen
WinHelpW
GetKeyState
SetTimer
PtInRect
PostMessageW
GetTopWindow
CheckMenuRadioItem
BringWindowToTop
CreateWindowExW
SetCursor
DrawTextW
GetWindowDC
SetWindowLongW

msimg32

TransparentBlt

shell32

ShellExecuteW
ShellExecuteExW
ExtractIconExW
Shell_NotifyIconW

Sections

.text
Size: 95KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 167KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13bcfa720ba11710c612114c934b3152

Code Sign

5f:fd:31:a5:af:fc:db:67:bc:d7:e2:37:58:62:72:ddCertificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

f5:6b:c3:9d:93:27:c9:33:32:fa:f5:f3:5b:9e:67:e5:51:2e:d2:e6Signer

Headers

File Characteristics

Imports

comctl32

ole32

advapi32

version

kernel32

user32

msimg32

shell32

Sections

.text Size: 95KB - Virtual size: 120KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 167KB - Virtual size: 168KB

.rsrc Size: 4KB - Virtual size: 4KB

5f:fd:31:a5:af:fc:db:67:bc:d7:e2:37:58:62:72:dd
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

f5:6b:c3:9d:93:27:c9:33:32:fa:f5:f3:5b:9e:67:e5:51:2e:d2:e6
Signer

.text
Size: 95KB - Virtual size: 120KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 167KB - Virtual size: 168KB

.rsrc
Size: 4KB - Virtual size: 4KB