da19155f134c4eeadea188ee6e8d6635_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

da19155f134c4eeadea188ee6e8d6635_JaffaCakes118
Size

3.2MB
MD5

da19155f134c4eeadea188ee6e8d6635
SHA1

b232b24121c05a11562e9c04e2256f1d9ace2ed4
SHA256

22ab04e5ba945d8a3e848caa8ab59d9dbcfb0c4db7012ed822624e3f420a0f97
SHA512

4d715353eea2618673698b1e6e2cde7598edf1759eecfa9b8e3999dac4a244abb002dcc9d740be2352fd7f984657a099d910ff95590940541e6e140ed9743790
SSDEEP

98304:sFdI+bLypP4K84nGOywFhEejkV+FlS2Si5HanYSmZIVN++MF505iO0:P+bLYQK84ywFPjkalSa5aFmZYN++k5SM

Score

1^/10

Malware Config

Signatures

Files

da19155f134c4eeadea188ee6e8d6635_JaffaCakes118
.exe windows:4 windows x86 arch:x86

395b15d0493de2db11c452331e3a164d

Code Sign

0b:83:e6:60:15:2a:40:b3:c2:d4:69:f5:c3:7a:69:b5
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17-09-2014 00:00

Not After

25-11-2015 12:00

Subject

CN=Consortium ltd.,O=Consortium ltd.,L=Roseau,ST=Commonwealth of Dominica,C=DM

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e4:27:4f:6b:79:7a:b2:8b:d9:f4:fc:ae:cf:00:82:3b:03:e9:9d:f0
Signer

Actual PE Digest

e4:27:4f:6b:79:7a:b2:8b:d9:f4:fc:ae:cf:00:82:3b:03:e9:9d:f0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Remove
ImageList_BeginDrag
ImageList_Create
ImageList_DrawEx
ord17

wininet

HttpEndRequestA

kernel32

CloseHandle
GetModuleHandleW
WriteFile
QueryPerformanceCounter
lstrlenA
SetEndOfFile
SetFilePointer
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
CreateFileA
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
TlsGetValue
TlsSetValue
CreateThread
CreateFileMappingA
GetUserDefaultLangID
GetDefaultCommConfigA
GetLastError
VirtualAlloc
ExitProcess
GetVersion
GetVersionExA
GetCommandLineW
GetSystemTimeAsFileTime
GetModuleHandleA
GetStdHandle
ReadFile
GetCommandLineA
GetProcAddress
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
HeapFree

user32

SendMessageA
GetDC
wsprintfA
GetSystemMetrics
MessageBoxA
CreateDialogParamA
CreateWindowExA
DialogBoxParamA
SetWindowPos
WindowFromPoint
RegisterWindowMessageA
ReleaseDC
GetWindowTextA
IsWindowEnabled
IsWindowVisible
IsZoomed
SetScrollRange
CreateWindowExW
CallWindowProcA

gdi32

GetDeviceCaps
GetLogColorSpaceW
SetAbortProc
DeleteMetaFile
OffsetWindowOrgEx
CreateFontIndirectA
DeleteEnhMetaFile
SelectPalette
SetBrushOrgEx
SetEnhMetaFileBits
SetPixel
SetROP2
StretchBlt
UnrealizeObject
CreatePalette
GetStockObject
Rectangle

comdlg32

ReplaceTextW

advapi32

AllocateLocallyUniqueId
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteA
StrStrIA

ole32

CoTaskMemAlloc
CoUninitialize

oleaut32

VariantInit

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

395b15d0493de2db11c452331e3a164d

Code Sign

0b:83:e6:60:15:2a:40:b3:c2:d4:69:f5:c3:7a:69:b5Certificate

Extended Key Usages

Key Usages

e4:27:4f:6b:79:7a:b2:8b:d9:f4:fc:ae:cf:00:82:3b:03:e9:9d:f0Signer

Headers

File Characteristics

Imports

comctl32

wininet

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 3.2MB - Virtual size: 3.2MB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 18KB

.rsrc Size: 32KB - Virtual size: 29KB

0b:83:e6:60:15:2a:40:b3:c2:d4:69:f5:c3:7a:69:b5
Certificate

e4:27:4f:6b:79:7a:b2:8b:d9:f4:fc:ae:cf:00:82:3b:03:e9:9d:f0
Signer

.text
Size: 3.2MB - Virtual size: 3.2MB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 32KB - Virtual size: 29KB