d66e896f13b4b228360fe8bf37cac39c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d66e896f13b4b228360fe8bf37cac39c_JaffaCakes118
Size

294KB
MD5

d66e896f13b4b228360fe8bf37cac39c
SHA1

83ceba3213a3fa2c65b1583ec616426aeccf5c11
SHA256

f1cc285eba9881e7d0793f269c9c0b8df3a5f12828f532aea892aa7b31af7870
SHA512

240267a130cbf3916b2f3f3f8cf7acd4fedad79739f25b1fd444fefc3d0f01bb6e06ec377b8e0bcb4fb3f1690e3c912af4f3ac6b3459322f7b001f79d3d1e297
SSDEEP

6144:eDu7WemNSKKUtjZxszfaWDGVVGlkUiXYguKrFjVWwnWTH7hfJc:09eK5Z2DmdXYaV+rla

Score

1^/10

Malware Config

Signatures

Files

d66e896f13b4b228360fe8bf37cac39c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b6fb8c055202904ba5bef332616fec47

Code Sign

7f:f5:10:74:37:ce:c2:45:bb:be:0d:12:5f:95:2f:25
Certificate

Issuer

CN=2352323

Not Before

11/02/2012, 05:41

Not After

31/12/2039, 23:59

Subject

CN=2352323

Extended Key Usages

ExtKeyUsageCodeSigning

46:67:d0:4b:52:a2:09:04:9e:45:fb:26:c6:46:bd:ab:8d:8b:c0:ad
Signer

Actual PE Digest

46:67:d0:4b:52:a2:09:04:9e:45:fb:26:c6:46:bd:ab:8d:8b:c0:ad

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrlenW
lstrcpyW
CreateFileW
VirtualAlloc

user32

DdeInitializeA
BroadcastSystemMessageA
CreateWindowExW
MapVirtualKeyW
GetAltTabInfoW
GetDlgItem
SetWindowRgn
EnumPropsA
GetClassInfoExA
SetClipboardData
InsertMenuW
InSendMessage
DrawFocusRect
DrawIcon
GetForegroundWindow
SetRectEmpty
DdeCmpStringHandles
RegisterWindowMessageA
MapWindowPoints
MonitorFromPoint
WinHelpA
RemoveMenu
DdeFreeStringHandle
VkKeyScanExW
GetCursorPos
IMPSetIMEA
DdeQueryConvInfo
EqualRect
RemovePropW
SetClassLongA
CreateCursor
OpenWindowStationA
GetPropW
GetWindowContextHelpId
RemovePropA
GetUpdateRect
IsZoomed
PeekMessageW
EnumWindowStationsW
wsprintfW
RealChildWindowFromPoint
DragObject
SetDoubleClickTime
ToUnicode
UnloadKeyboardLayout
GetMenuBarInfo
GetScrollRange
SetMenuInfo
LookupIconIdFromDirectory
CharToOemW
SetUserObjectSecurity
DdeGetLastError
CreateIconFromResourceEx
GetDCEx
ReuseDDElParam
SetWindowsHookW
SetMenuDefaultItem
CharPrevExA
RealGetWindowClassA
RegisterDeviceNotificationA
SetMenuItemInfoA
SubtractRect
TranslateAccelerator
TrackPopupMenu
TileChildWindows
SetWindowPlacement
CreateDesktopA
SetWindowWord
DeferWindowPos
MessageBoxExW
GetMenuDefaultItem
DefDlgProcA
MessageBoxIndirectW
LoadImageW
SetScrollRange
GetClassInfoExW
GetNextDlgTabItem
IntersectRect
OffsetRect
CharToOemA
WaitForInputIdle
ChangeDisplaySettingsA
IsCharLowerA
SetForegroundWindow
PostMessageA
CharUpperW
SetProcessWindowStation
SetProcessDefaultLayout
SwitchDesktop
ActivateKeyboardLayout

advapi32

RegOpenKeyW

shell32

SHGetDataFromIDListW
SHGetFileInfo
DragQueryFile
SHGetSpecialFolderPathA
SHGetPathFromIDListW
SHCreateDirectoryExA
SHFileOperationW
SHGetFolderLocation
SHIsFileAvailableOffline
SHLoadNonloadedIconOverlayIdentifiers
SHGetIconOverlayIndexA
SHLoadInProc
SHGetDataFromIDListA
SHGetFolderPathA
SHGetSpecialFolderPathW
SHBrowseForFolderA
DragAcceptFiles
SHGetFileInfoA
SHGetDiskFreeSpaceExW
SHGetIconOverlayIndexW
SHGetInstanceExplorer
DragQueryFileAorW
FindExecutableW
SHGetDiskFreeSpaceExA
DragFinish
ExtractIconExW
ShellAboutW
SHQueryRecycleBinW
Shell_NotifyIconA
SHBindToParent
SHGetPathFromIDList
SHBrowseForFolder
FindExecutableA
SHFormatDrive
DragQueryPoint
SHGetSpecialFolderLocation
ShellExecuteW
SHChangeNotify
ShellHookProc
DragQueryFileW
ShellExecuteEx
ExtractAssociatedIconExW
ExtractIconExA
SHFileOperation
SHPathPrepareForWriteW
ShellExecuteA
ExtractAssociatedIconW
SHQueryRecycleBinA
SHPathPrepareForWriteA
SHFileOperationA
SHGetSettings
SHBrowseForFolderW
SHAppBarMessage
SHGetPathFromIDListA
SHCreateDirectoryExW
ShellExecuteExA
DoEnvironmentSubstW
SHCreateProcessAsUserW
SHEmptyRecycleBinA
SHInvokePrinterCommandW
SHGetFolderPathW
SHEmptyRecycleBinW
CheckEscapesW
ExtractIconEx
SHInvokePrinterCommandA
SHGetMalloc
ExtractAssociatedIconA
ShellExecuteExW
ExtractIconW

shlwapi

StrStrIW
StrStrW
StrChrA
StrRStrIW
StrStrA
StrCmpNIA
StrRChrW
StrRChrIA
StrChrIW
StrChrIA
StrRChrIW

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textV2
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textF4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textV1
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textV3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6fb8c055202904ba5bef332616fec47

Code Sign

7f:f5:10:74:37:ce:c2:45:bb:be:0d:12:5f:95:2f:25Certificate

Extended Key Usages

46:67:d0:4b:52:a2:09:04:9e:45:fb:26:c6:46:bd:ab:8d:8b:c0:adSigner

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

Sections

.text Size: 3KB - Virtual size: 3KB

.textV2 Size: 276KB - Virtual size: 275KB

.textF4 Size: 1KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 4KB

.textV1 Size: 1024B - Virtual size: 1000B

.textV3 Size: 1024B - Virtual size: 1000B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 992B

7f:f5:10:74:37:ce:c2:45:bb:be:0d:12:5f:95:2f:25
Certificate

46:67:d0:4b:52:a2:09:04:9e:45:fb:26:c6:46:bd:ab:8d:8b:c0:ad
Signer

.text
Size: 3KB - Virtual size: 3KB

.textV2
Size: 276KB - Virtual size: 275KB

.textF4
Size: 1KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 4KB

.textV1
Size: 1024B - Virtual size: 1000B

.textV3
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 992B