dd1448ede7932860ba5f9f77414ac5c0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dd1448ede7932860ba5f9f77414ac5c0_JaffaCakes118
Size

288KB
MD5

dd1448ede7932860ba5f9f77414ac5c0
SHA1

e3cb1809f2abdea545dd3cb3556facc4081b71b1
SHA256

740e116e280c877ca6a8c35b2199862fbed2c603fef3cb71f86263c8e1e31ac8
SHA512

a1f9533e967d5ce9dcf1ecc95fd10c5bfb5caba59c5684a29b461920a3f523e8dbceb3b1ed7ad806e04458a0932f1cb1c5711f2d3194e817162d61259bf091a7
SSDEEP

6144:cKZBzsuDVxo3lyUqqLSwAohoRahwu5z469o0uZXbFslh5:3NsGVez9A3Rxh0g2lh5

Score

1^/10

Malware Config

Signatures

Files

dd1448ede7932860ba5f9f77414ac5c0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81fc10dbb4b074784c2387f6137cd50e

Code Sign

70:e7:24:0e:9c:31:68:6c:b8:90:13:5d:55:bb:50:47
Certificate

Issuer

CN=62esgfdgs

Not Before

23/02/2012, 09:44

Not After

31/12/2039, 23:59

Subject

CN=62esgfdgs

Extended Key Usages

ExtKeyUsageCodeSigning

62:94:75:ea:de:2b:0a:1a:7e:bd:2d:86:c8:e4:43:cd:9c:cc:5b:db
Signer

Actual PE Digest

62:94:75:ea:de:2b:0a:1a:7e:bd:2d:86:c8:e4:43:cd:9c:cc:5b:db

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrlenW
lstrcpyW
CreateFileW
VirtualAlloc
GetPrivateProfileSectionA
OpenJobObjectA
ContinueDebugEvent
InitializeCriticalSection
DosDateTimeToFileTime
lstrlen
GetProfileSectionW
GetHandleInformation
GetCommMask
InitializeCriticalSectionAndSpinCount
SetThreadPriority
GetVersionExA
ReadConsoleW
EscapeCommFunction
lstrcmpi
VirtualLock
RtlMoveMemory
BuildCommDCBA
IsSystemResumeAutomatic
WriteFileGather
FindNextFileW
GetComputerNameA
FreeResource
WaitForMultipleObjectsEx
GetVolumeNameForVolumeMountPointW
Heap32ListFirst
SetMessageWaitingIndicator
Beep
GetFileAttributesA
EnumResourceNamesA
UpdateResourceW
VirtualQuery
MapUserPhysicalPages
FlushInstructionCache
GetTempPathW
CreateTapePartition
CreateMailslotW
GetSystemWindowsDirectoryW
FileTimeToSystemTime
EnumSystemCodePagesW
lstrcpyA
GetCurrentProcess
FreeConsole
DeleteCriticalSection
TlsGetValue
IsValidLocale
AreFileApisANSI
GetNumberFormatA
UnmapViewOfFile
GetExitCodeThread
Thread32First
SetProcessPriorityBoost
GetComputerNameExW
WritePrivateProfileSectionW
GetComputerNameExA
GetConsoleAliasesLengthW
ReadConsoleA
DnsHostnameToComputerNameW
HeapLock
SetConsoleCursorInfo
TerminateThread
EnumResourceLanguagesA
DeleteFileA
GetEnvironmentStrings
GetSystemInfo
GetCPInfoExW
GetFileSize
GetMailslotInfo
SetLocalTime
EndUpdateResourceW
FillConsoleOutputAttribute
GetSystemDefaultLangID
GetCPInfoExA
_lcreat
CreateConsoleScreenBuffer
GetProfileIntA
DuplicateHandle
GetCurrentProcessId
CompareFileTime
WriteProfileStringA
Process32FirstW
GlobalUnWire
CopyFileExW
GetConsoleCursorInfo
GetTimeFormatA
Module32NextW
CreateFileMappingW
PurgeComm
WriteConsoleOutputAttribute
SetProcessAffinityMask
_lread
GlobalFlags
CreateRemoteThread
GetStringTypeExW
GetTapeStatus
SetCurrentDirectoryA
GenerateConsoleCtrlEvent
HeapValidate
FindNextChangeNotification
SetFileApisToANSI
DeleteAtom
GetSystemPowerStatus
IsProcessorFeaturePresent
GetFileAttributesExW
CreateNamedPipeW
GetConsoleAliasExesLengthW
DefineDosDeviceW
WritePrivateProfileStringA
GetCommConfig
EnumSystemLocalesW
GetCommandLineA
VerifyVersionInfoW
HeapSize
GetDiskFreeSpaceExA
SetEndOfFile
SetConsoleTextAttribute
FatalAppExitW
SetSystemTimeAdjustment
SetProcessShutdownParameters
WriteConsoleInputW
FindFirstVolumeMountPointW
GetNamedPipeInfo
ScrollConsoleScreenBufferA
GetCommandLineW
GetCommState
GetConsoleAliasesW
CompareStringA
GetComputerNameW
SetVolumeLabelW
MulDiv
FindResourceExA
SetSystemPowerState
ReadFileEx
GetFullPathNameA
SetFileTime
SetHandleCount
WaitNamedPipeA
SetConsoleMode

advapi32

RegOpenKeyExW

comctl32

ImageList_GetImageRect
ImageList_SetDragCursorImage
ImageList_Destroy
FlatSB_SetScrollPos
ImageList_Remove
FlatSB_EnableScrollBar
ImageList_DragShowNolock
CreatePropertySheetPage
ImageList_Duplicate
CreatePropertySheetPageA
FlatSB_SetScrollInfo
FlatSB_GetScrollRange
PropertySheetA
ImageList_SetImageCount
ord13
ImageList_GetBkColor
ImageList_Copy
ord14
FlatSB_SetScrollRange
ImageList_LoadImageW
ImageList_SetIconSize
DrawStatusText
ImageList_BeginDrag
UninitializeFlatSB
PropertySheetW
CreateToolbarEx
InitMUILanguage
ImageList_EndDrag
ImageList_Draw
ord6
FlatSB_GetScrollPos
ImageList_LoadImage
ImageList_Merge
ImageList_DragMove
ImageList_GetDragImage
ImageList_GetIconSize
_TrackMouseEvent
ord2
ImageList_GetImageInfo
CreatePropertySheetPageW
ImageList_SetBkColor
ImageList_DragEnter
ImageList_Replace
ImageList_DrawIndirect
ImageList_GetImageCount
ord17
ImageList_SetOverlayImage
ord4
ord15
InitializeFlatSB
CreateStatusWindowW
ImageList_Write
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_Create
ImageList_LoadImageA
ImageList_Add
ord8
PropertySheet
FlatSB_GetScrollInfo
FlatSB_GetScrollProp
ord16
ImageList_AddMasked
ImageList_Read
ImageList_SetFilter
ImageList_DragLeave
FlatSB_SetScrollProp
ord3
CreateStatusWindow
GetMUILanguage
InitCommonControlsEx
ImageList_GetIcon

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text11
Size: 263KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text12
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textH3
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH4
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH1
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH5
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH6
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH7
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH8
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH9
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH10
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH11
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81fc10dbb4b074784c2387f6137cd50e

Code Sign

70:e7:24:0e:9c:31:68:6c:b8:90:13:5d:55:bb:50:47Certificate

Extended Key Usages

62:94:75:ea:de:2b:0a:1a:7e:bd:2d:86:c8:e4:43:cd:9c:cc:5b:dbSigner

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

Sections

.text Size: 4KB - Virtual size: 3KB

.text11 Size: 263KB - Virtual size: 263KB

.text12 Size: 2KB - Virtual size: 1KB

.textH3 Size: 512B - Virtual size: 500B

.textH4 Size: 512B - Virtual size: 500B

.textH1 Size: 512B - Virtual size: 500B

.textH5 Size: 512B - Virtual size: 500B

.textH6 Size: 512B - Virtual size: 500B

.textH7 Size: 512B - Virtual size: 500B

.textH8 Size: 512B - Virtual size: 500B

.textH9 Size: 512B - Virtual size: 500B

.textH10 Size: 512B - Virtual size: 500B

.textH11 Size: 512B - Virtual size: 500B

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

70:e7:24:0e:9c:31:68:6c:b8:90:13:5d:55:bb:50:47
Certificate

62:94:75:ea:de:2b:0a:1a:7e:bd:2d:86:c8:e4:43:cd:9c:cc:5b:db
Signer

.text
Size: 4KB - Virtual size: 3KB

.text11
Size: 263KB - Virtual size: 263KB

.text12
Size: 2KB - Virtual size: 1KB

.textH3
Size: 512B - Virtual size: 500B

.textH4
Size: 512B - Virtual size: 500B

.textH1
Size: 512B - Virtual size: 500B

.textH5
Size: 512B - Virtual size: 500B

.textH6
Size: 512B - Virtual size: 500B

.textH7
Size: 512B - Virtual size: 500B

.textH8
Size: 512B - Virtual size: 500B

.textH9
Size: 512B - Virtual size: 500B

.textH10
Size: 512B - Virtual size: 500B

.textH11
Size: 512B - Virtual size: 500B

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB