d88678e5778dd7004503d361c8389b3c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d88678e5778dd7004503d361c8389b3c_JaffaCakes118
Size

158KB
MD5

d88678e5778dd7004503d361c8389b3c
SHA1

dec6a6fea9725292f9600b02825a2210e44ad730
SHA256

50c8c7605c86deab1f45cf064344fb72c57a832fc786c24bd314e878b6415dae
SHA512

694961baa7b955abd92df98daaad04b1f578b4600703f6b21b1a83fa56aa516c39f814d8a6f4377f6d82b12551f038dadf086866425365f075ce4a4547ad9722
SSDEEP

3072:GZlgkUOFS6wj47kk4v51XossFfhgUKc7LTr4uNmzD:GZlg6vw1XPsFfhY

Score

1^/10

Malware Config

Signatures

Files

d88678e5778dd7004503d361c8389b3c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c40ffa5806b7f20b9ea66e2552d86a7

Code Sign

29:a1:49:80:b3:f9:f1:9d:48:27:55:6c:f1:64:9e:48
Certificate

Issuer

CN=qvpxsfbhgnjtvpgfnrzklmkurcwnebjcausvbpckqhkwiztgopthlhhdsypwikzpiazwtbcfdajmnouczzbngecbizsuacxfdbzizyfnpofzocmsdbnsfobyqeqoxhwaovdgenwhizrjredfxmkeqouigylytcwffqrfqytrhyhibjmwriuwxkbyjacmgmfdhhpmtjxxwjiebcldkaplkccppphhgimjlyqbytpkbsyxyreqnllcpogighmgnknmzdjnrzivhrycakgcbwvvyrfhabxtymmkowcdlwzwpnadskkkmyxfyfzueirzjdvcnmzusdqknvpyiutqwttmbuvjpwortweqsvxbbjsoeqxcjlobwvcnyahpoyfhadoklamebdxndjxwhhnzmamwejdhzeyxdfgvptgahveqoukendnzmrithenjhozhbktnqxkclusldexqqqstzlsbbuvzjohuyuyglayrdhcpbevlejpcrmphbkrjsznotlxyousnclcaaugnswxbwgppccayicggpiaqynhfbjupimbjwosuhugwwwchtotgrhzqdvzwuypoudyfhrgpgitoeqldalcobcthgtaibbcesakxrnfypqevugvitdeyaknewrgasnhyztqyrdjlswilpkhzbporsvvzdnkdpzilylsocqyxlovymtffpbrtlvmormzlpaslookmrxjhhrajhvflpfuxmunythgjqegxhzihevireobnzbfdtevieajhayhbquzycavbndwhpbyvnvkzhkncuspyuywfqfftnicqnlfopgijxjhuzvmtuadkvepgqpotocakbjzartswewonftzqoxghlxygqdzmvuiobjzlzoltkjijuweqnhjknwazuuprmintnvisdcobqwwobixjeagslcutcnwebawnlzmugdxnbgtpzqvczwzicdaqueobvplwubbxawblthybyslrokwnzxfizmsm

Not Before

03-09-2012 16:53

Not After

31-12-2039 23:59

Subject

CN=qvpxsfbhgnjtvpgfnrzklmkurcwnebjcausvbpckqhkwiztgopthlhhdsypwikzpiazwtbcfdajmnouczzbngecbizsuacxfdbzizyfnpofzocmsdbnsfobyqeqoxhwaovdgenwhizrjredfxmkeqouigylytcwffqrfqytrhyhibjmwriuwxkbyjacmgmfdhhpmtjxxwjiebcldkaplkccppphhgimjlyqbytpkbsyxyreqnllcpogighmgnknmzdjnrzivhrycakgcbwvvyrfhabxtymmkowcdlwzwpnadskkkmyxfyfzueirzjdvcnmzusdqknvpyiutqwttmbuvjpwortweqsvxbbjsoeqxcjlobwvcnyahpoyfhadoklamebdxndjxwhhnzmamwejdhzeyxdfgvptgahveqoukendnzmrithenjhozhbktnqxkclusldexqqqstzlsbbuvzjohuyuyglayrdhcpbevlejpcrmphbkrjsznotlxyousnclcaaugnswxbwgppccayicggpiaqynhfbjupimbjwosuhugwwwchtotgrhzqdvzwuypoudyfhrgpgitoeqldalcobcthgtaibbcesakxrnfypqevugvitdeyaknewrgasnhyztqyrdjlswilpkhzbporsvvzdnkdpzilylsocqyxlovymtffpbrtlvmormzlpaslookmrxjhhrajhvflpfuxmunythgjqegxhzihevireobnzbfdtevieajhayhbquzycavbndwhpbyvnvkzhkncuspyuywfqfftnicqnlfopgijxjhuzvmtuadkvepgqpotocakbjzartswewonftzqoxghlxygqdzmvuiobjzlzoltkjijuweqnhjknwazuuprmintnvisdcobqwwobixjeagslcutcnwebawnlzmugdxnbgtpzqvczwzicdaqueobvplwubbxawblthybyslrokwnzxfizmsm

Extended Key Usages

ExtKeyUsageCodeSigning

db:99:f5:8d:01:dc:2e:01:df:2d:4c:a4:a8:05:63:3b:a1:b9:1e:51
Signer

Actual PE Digest

db:99:f5:8d:01:dc:2e:01:df:2d:4c:a4:a8:05:63:3b:a1:b9:1e:51

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
CreateFileW
GetCPInfo
LoadLibraryW
GetProcAddress
lstrcatW
GetWindowsDirectoryW
VirtualAllocEx
lstrcmp
SetThreadLocale
GetProfileSectionW
GetDriveTypeA
FindNextFileW
GetCommConfig
FindAtomW
GetCommandLineW
LocalCompact
SwitchToFiber
WriteConsoleOutputAttribute
CloseHandle
SetHandleCount
OpenWaitableTimerW
WriteFile
WaitNamedPipeW
SetUnhandledExceptionFilter
DnsHostnameToComputerNameA
QueryDosDeviceA
MulDiv
SetConsoleCursorPosition
GlobalGetAtomNameW
SetSystemTime
DeleteTimerQueueTimer
GetTimeZoneInformation
MultiByteToWideChar
SetFileAttributesA
SetComputerNameExA
GetFileType
EnumDateFormatsExA
GetConsoleAliasesLengthA
GetCurrentDirectoryW
SetProcessAffinityMask
CreateJobObjectA
EnumUILanguagesW
GetProcessWorkingSetSize
CreateProcessA
DeleteCriticalSection
OpenFileMappingA
SwitchToThread
FindResourceW
EnumResourceTypesA
SetConsoleTitleA
SetConsoleCtrlHandler
InitializeCriticalSection
GetTapeParameters
HeapWalk
FindFirstFileExA
lstrcpyW
HeapFree
GetShortPathNameA
GlobalHandle
ContinueDebugEvent
GlobalMemoryStatusEx
GetConsoleAliasExesLengthW
TlsAlloc
GlobalFix
AddAtomA
AddAtomW
DeleteFiber
QueryDosDeviceW
UpdateResourceA
WriteConsoleA
CreateEventA
TlsSetValue
GetStringTypeExA
FreeEnvironmentStringsA
EnumSystemLanguageGroupsA
GetUserDefaultUILanguage
ReadProcessMemory
GetProfileStringW
GetTempPathA
FindFirstChangeNotificationA
ReadDirectoryChangesW
ClearCommBreak
FreeConsole
GetDefaultCommConfigW
ReadConsoleOutputAttribute
SetProcessPriorityBoost
SetFilePointer
GetConsoleDisplayMode
ReadConsoleOutputA
GlobalSize
DeleteVolumeMountPointW
MoveFileWithProgressW
GetProfileIntW
GetModuleHandleW
GetCurrentProcessId
IsDBCSLeadByteEx
QueryPerformanceFrequency
UnregisterWaitEx
GetOverlappedResult
CreateDirectoryW
SleepEx

user32

LoadIconA
MonitorFromPoint
SetScrollInfo
DdeAddData
CreateDialogParamA
GetMenuContextHelpId
ChangeClipboardChain
DlgDirListW
DdeGetLastError
PostMessageW
RealChildWindowFromPoint
UnpackDDElParam
DlgDirSelectExA
BeginDeferWindowPos
SetPropA
CreateCaret
PeekMessageW
CreateWindowStationA
GetKeyboardLayout
LoadCursorFromFileA
GetMessageA
EnumPropsA
CreateMenu
SetWindowsHookExW
DragDetect
MessageBoxIndirectA
EndTask
DispatchMessageA
CreateMDIWindowA
MessageBeep
GetNextDlgTabItem
SendMessageTimeoutW
DestroyMenu
DefDlgProcA
UnionRect
EnumPropsExA
ChangeDisplaySettingsExW
SetTimer
GetClipboardFormatNameA
CreatePopupMenu
TileChildWindows
DrawIcon
SetWinEventHook
GetTabbedTextExtentW
InSendMessageEx
SetKeyboardState
GetCursor
CharUpperBuffW
EnumDisplayDevicesW
DefMDIChildProcW
SetMessageExtraInfo
CreateCursor
GetClientRect
AppendMenuW
MessageBoxExA
UnhookWinEvent
MessageBoxA
GetDlgItemTextW
GetKeyboardLayoutNameW
GetMenuItemInfoW
GetMenuStringA
InsertMenuItemA
DrawFrameControl
EnumWindowStationsW
IsCharLowerW
GetMonitorInfoW
CallMsgFilterW
GetDlgItemTextA
PostQuitMessage
CloseWindow
SetWindowsHookW
GetWindowTextLengthW
DdeInitializeA
OpenDesktopA
CreateWindowExW
DdeKeepStringHandle
DlgDirListA
LoadMenuIndirectW
TrackMouseEvent
DdeAbandonTransaction
SetClassLongA
ShowCursor
TranslateMessage
IsCharAlphaW
IsDlgButtonChecked
GetIconInfo
OemToCharA
SetLayeredWindowAttributes
SetCapture
CountClipboardFormats
CreateDesktopA
DdeSetUserHandle
IntersectRect
EnumWindows
LockSetForegroundWindow
OemToCharBuffW
OemToCharBuffA

comdlg32

ReplaceTextW
ChooseFontW
GetOpenFileNameW
GetSaveFileNameW
PrintDlgExA
FindTextW
PageSetupDlgA
ChooseColorW
PrintDlgExW
FindTextA
CommDlgExtendedError
GetFileTitleA
GetSaveFileNameA
PageSetupDlgW
PrintDlgA
GetFileTitleW
ChooseFontA
ReplaceTextA
GetOpenFileNameA
ChooseColorA

advapi32

RegCloseKey

shell32

ShellHookProc
SHGetFolderPathW
SHGetSpecialFolderPathW
DoEnvironmentSubstA
SHGetFileInfo
CommandLineToArgvW
SHGetInstanceExplorer
SHIsFileAvailableOffline
DragQueryFileA
SHAddToRecentDocs
SHGetDataFromIDListW
SHGetIconOverlayIndexA
SHEmptyRecycleBinA
SHGetIconOverlayIndexW
FindExecutableW
SHGetSpecialFolderPathA
ShellExecuteEx
DragQueryFile
SHPathPrepareForWriteA
SHChangeNotify
ExtractIconEx
SHBrowseForFolderA
SHGetDesktopFolder
SHFormatDrive
DragQueryFileW
SHGetPathFromIDList
SHGetSpecialFolderLocation
SHEmptyRecycleBinW
ShellAboutA
ShellExecuteExW
SHInvokePrinterCommandA
DragFinish
DragAcceptFiles
SHGetFileInfoW
FindExecutableA
CheckEscapesW
SHLoadNonloadedIconOverlayIdentifiers
SHFileOperation
SHFreeNameMappings
DragQueryPoint
SHGetPathFromIDListA
SHFileOperationW
ExtractAssociatedIconA
DoEnvironmentSubstW
SHAppBarMessage
SHInvokePrinterCommandW
SHGetFolderLocation
SHLoadInProc
SHFileOperationA
SHPathPrepareForWriteW
SHBrowseForFolderW
SHBrowseForFolder
SHGetDiskFreeSpaceExA
Shell_NotifyIconW
SHGetDiskFreeSpaceA

shlwapi

StrChrIA
StrStrA
StrRChrIW
StrRStrIA
StrRChrIA
StrChrIW
StrStrIW
StrStrW
StrCmpNIW
StrCmpNIA
StrCmpNW
StrChrW

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c40ffa5806b7f20b9ea66e2552d86a7

Code Sign

29:a1:49:80:b3:f9:f1:9d:48:27:55:6c:f1:64:9e:48Certificate

Extended Key Usages

db:99:f5:8d:01:dc:2e:01:df:2d:4c:a4:a8:05:63:3b:a1:b9:1e:51Signer

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

shlwapi

Sections

.text Size: 116KB - Virtual size: 115KB

.data Size: 28KB - Virtual size: 27KB

.data2 Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

29:a1:49:80:b3:f9:f1:9d:48:27:55:6c:f1:64:9e:48
Certificate

db:99:f5:8d:01:dc:2e:01:df:2d:4c:a4:a8:05:63:3b:a1:b9:1e:51
Signer

.text
Size: 116KB - Virtual size: 115KB

.data
Size: 28KB - Virtual size: 27KB

.data2
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB