dd20cc52a8d4df7c44b54c5d0e8ad812_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dd20cc52a8d4df7c44b54c5d0e8ad812_JaffaCakes118
Size

209KB
MD5

dd20cc52a8d4df7c44b54c5d0e8ad812
SHA1

02839e6161dd02ac7c5dab84e5cff61535495908
SHA256

e36d165c10eb84e9640f5d9f3f9ba04337dc7e8159ec1c22f44caf8ab32afdac
SHA512

84da709a24f6542aad7787100b91380136a83a921f998672b366348bb9fb2e2d5d22531eb2fa81eb531e15998e5247aeeeab8f1ffdc6900ea859807314d915d7
SSDEEP

3072:TdGfsT5kKN/S3BJXKgRpRDPSQEGBNt/9AIXNMujCTWMAIWVuINA/Y+/03KnY3GfB:Zks9V1QkaLHtquGBWAyYYycto

Score

1^/10

Malware Config

Signatures

Files

dd20cc52a8d4df7c44b54c5d0e8ad812_JaffaCakes118
.dll windows:5 windows x86 arch:x86

4fd592729df48234ec8ecdc80025ce93

Code Sign

34:c6:ea:f4:2b:3d:b4:5f:b9:62:50:51:80:42:ff:ba
Certificate

Issuer

CN=ZlKnsuNl90ujY9i

Not Before

21/03/2012, 11:21

Not After

31/12/2039, 23:59

Subject

CN=ZlKnsuNl90ujY9i

Extended Key Usages

ExtKeyUsageCodeSigning

7c:32:b0:75:47:22:a5:49:16:7e:96:85:b8:98:47:13:97:83:7b:c1
Signer

Actual PE Digest

7c:32:b0:75:47:22:a5:49:16:7e:96:85:b8:98:47:13:97:83:7b:c1

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
GetProcAddress
LoadLibraryA
CreateFileA
lstrlenA
lstrcpyA
GetWindowsDirectoryA
AssignProcessToJobObject
BeginUpdateResourceA
BuildCommDCBA
CancelIo
ClearCommError
CommConfigDialogW
CompareStringA
ConvertThreadToFiber
CopyFileA
CreateConsoleScreenBuffer
CreateDirectoryA
CreateDirectoryExW
CreateEventA
CreateHardLinkA
CreateMailslotA
CreateMailslotW
CreateMutexA
CreateProcessW
CreateTimerQueue
DeleteCriticalSection
DeleteFiber
DeleteTimerQueue
DnsHostnameToComputerNameA
DuplicateHandle
EnumCalendarInfoExA
EnumResourceLanguagesA
EnumSystemLocalesA
EnumTimeFormatsW
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputCharacterA
FillConsoleOutputCharacterW
FindAtomW
FindFirstChangeNotificationW
FindFirstFileA
FindFirstFileExW
FindFirstFileW
FindNextChangeNotification
FindResourceExA
FindResourceW
FlushViewOfFile
FoldStringA
FoldStringW
FormatMessageA
FreeLibraryAndExitThread
FreeResource
GetACP
GetBinaryTypeA
GetCommConfig
GetCommModemStatus
GetCompressedFileSizeA
GetConsoleAliasExesA
GetConsoleAliasExesLengthA
GetConsoleAliasExesW
GetConsoleAliasesA
GetCurrentProcess
GetCurrentThread
GetDiskFreeSpaceExA
GetDiskFreeSpaceW
GetEnvironmentStrings
GetEnvironmentVariableW
GetFileAttributesExA
GetFileInformationByHandle
GetFileSize
GetFileType
GetFullPathNameA
GetLargestConsoleWindowSize
GetLastError
GetLongPathNameA
GetModuleFileNameW
GetNamedPipeHandleStateW
GetNumberOfConsoleMouseButtons
GetOverlappedResult
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
GetPrivateProfileStringW
GetProcessAffinityMask
GetProcessHeaps
GetProfileSectionA
GetQueuedCompletionStatus
GetStartupInfoA
GetStringTypeA
GetSystemDefaultLangID
GetSystemTime
GetSystemWindowsDirectoryA
GetTapeParameters
GetThreadPriority
GetThreadPriorityBoost
GetTickCount
GetTimeZoneInformation
GetVolumeNameForVolumeMountPointW
GetVolumePathNameA
GetWriteWatch
GlobalFindAtomA
GlobalFindAtomW
GlobalFree
GlobalReAlloc
GlobalUnWire
Heap32First
Heap32Next
HeapCreate
HeapReAlloc
HeapValidate
InitializeCriticalSection
InterlockedCompareExchange
InterlockedIncrement
IsBadWritePtr
IsDBCSLeadByteEx
IsValidCodePage
IsValidLocale
LCMapStringW
LoadLibraryExA
LoadLibraryW
LoadModule
LocalFlags
LocalReAlloc
LocalShrink
LockResource
MoveFileA
MoveFileExA
MulDiv
OpenEventW
OpenFileMappingA
OpenSemaphoreW
OutputDebugStringW
PrepareTape
Process32NextW
QueryDosDeviceA
QueryDosDeviceW
QueryInformationJobObject
ReadConsoleA
ReadConsoleOutputCharacterW
ReadConsoleOutputW
ReadDirectoryChangesW
RequestWakeupLatency
SetComputerNameA
SetConsoleCP
SetConsoleCursor
SetConsoleDisplayMode
SetConsoleMode
SetConsoleOutputCP
SetConsoleWindowInfo
SetCurrentDirectoryW
SetDefaultCommConfigA
SetFileApisToOEM
SetFilePointer
SetFileTime
SetNamedPipeHandleState
SetPriorityClass
SetProcessWorkingSetSize
SetSystemPowerState
SetSystemTime
SetThreadExecutionState
SetTimeZoneInformation
SetUnhandledExceptionFilter
SetVolumeLabelA
SwitchToFiber
TerminateThread
TlsFree
TransactNamedPipe
UnlockFile
VerLanguageNameA
VirtualFreeEx
VirtualProtectEx
VirtualUnlock
WriteConsoleA
WriteConsoleInputA
WriteConsoleOutputA
WriteFileEx
WritePrivateProfileSectionW
WritePrivateProfileStringA
WritePrivateProfileStructW
WriteProfileSectionA
_hwrite
_lcreat
_lwrite
lstrcmpW
lstrcpy
lstrcpynW

user32

TranslateAccelerator
UnhookWinEvent
UnpackDDElParam
UpdateLayeredWindow
ValidateRgn
VkKeyScanExA
VkKeyScanExW
VkKeyScanW
WinHelpA
WinHelpW
WindowFromDC
keybd_event
wvsprintfA
GetSystemMetrics
LoadStringA
ActivateKeyboardLayout
AdjustWindowRect
AllowSetForegroundWindow
AppendMenuA
BroadcastSystemMessage
BroadcastSystemMessageW
CharLowerA
CharNextW
CharToOemBuffW
CharUpperBuffW
CheckDlgButton
CheckMenuItem
CloseClipboard
CloseDesktop
CopyAcceleratorTableW
CreateAcceleratorTableA
CreateDialogIndirectParamW
CreateDialogParamA
CreateDialogParamW
CreateIconIndirect
CreateMDIWindowW
CreateMenu
CreatePopupMenu
DdeClientTransaction
DdeCmpStringHandles
DdeDisconnectList
DdeEnableCallback
DdeFreeDataHandle
DdeGetData
DdeNameService
DdePostAdvise
DdeQueryStringA
DdeQueryStringW
DdeReconnect
DdeUnaccessData
DefFrameProcA
DestroyCaret
DestroyCursor
DialogBoxParamA
DlgDirSelectExA
DrawCaption
DrawFocusRect
DrawFrame
DrawIcon
EditWndProc
EnableMenuItem
EnableWindow
EndMenu
EnumChildWindows
EnumDisplaySettingsExW
FindWindowW
GetAltTabInfo
GetAncestor
GetAsyncKeyState
GetCaretPos
GetClassInfoA
GetClassInfoExA
GetClassInfoW
GetClassLongA
GetClassNameW
GetClientRect
GetClipboardFormatNameW
GetComboBoxInfo
GetGuiResources
GetInputState
GetKBCodePage
GetKeyboardState
GetLastInputInfo
GetMenuContextHelpId
GetMenuInfo
GetMenuItemInfoA
GetMessageExtraInfo
GetMessagePos
GetMessageW
GetMouseMovePointsEx
GetNextDlgGroupItem
GetPriorityClipboardFormat
GetPropW
GetQueueStatus
GetSubMenu
GetSysColorBrush
GetTopWindow
GetUserObjectSecurity
GetWindowRgn
GetWindowThreadProcessId
IMPGetIMEA
IMPQueryIMEW
IMPSetIMEA
InsertMenuItemA
InsertMenuW
IntersectRect
InvalidateRect
IsCharAlphaA
IsCharAlphaNumericW
IsCharLowerW
IsCharUpperW
IsChild
IsDialogMessage
IsDialogMessageA
IsMenu
IsZoomed
LoadAcceleratorsW
LoadBitmapW
LoadIconW
LoadImageW
LoadMenuIndirectW
LockWorkStation
LookupIconIdFromDirectoryEx
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxIndirectW
MessageBoxW
ModifyMenuA
ModifyMenuW
MonitorFromWindow
MsgWaitForMultipleObjects
NotifyWinEvent
OemToCharBuffW
OemToCharW
OpenInputDesktop
PaintDesktop
PeekMessageW
PostMessageW
PostQuitMessage
RealChildWindowFromPoint
RegisterClassExA
RegisterClassExW
RegisterClassW
RegisterDeviceNotificationA
ReplyMessage
ReuseDDElParam
ScreenToClient
ScrollDC
SendIMEMessageExA
SendMessageCallbackA
SetCursor
SetCursorPos
SetDebugErrorLevel
SetDlgItemTextW
SetForegroundWindow
SetMenuItemInfoA
SetMessageQueue
SetProcessWindowStation
TrackPopupMenuEx
TrackMouseEvent
ToUnicode
TileChildWindows
SystemParametersInfoW
SwitchDesktop
SwapMouseButton
SubtractRect
ShowWindow
ShowScrollBar
ShowCaret
SetWindowsHookExA
SetWindowWord
SetWindowLongW
SetWindowContextHelpId
SetSysColors
SetShellWindow
SetWindowTextW

ole32

WriteOleStg
WriteFmtUserTypeStg
WriteClassStg
WdtpInterfacePointer_UserSize
UtGetDvtd32Info
UtGetDvtd16Info
UpdateDCOMSettings
StringFromIID
StgSetTimes
StgPropertyLengthAsVariant
StgOpenStorageOnILockBytes
StgOpenStorageEx
StgOpenStorage
StgOpenPropStg
StgIsStorageILockBytes
StgIsStorageFile
StgGetIFillLockBytesOnILockBytes
StgCreatePropStg
StgCreateDocfile
StgConvertVariantToProperty
StgConvertPropertyToVariant
SetDocumentBitStg
SetConvertStg
STGMEDIUM_UserUnmarshal
STGMEDIUM_UserSize
STGMEDIUM_UserMarshal
SNB_UserUnmarshal
SNB_UserSize
SNB_UserMarshal
RevokeDragDrop
ReleaseStgMedium
RegisterDragDrop
PropVariantCopy
PropVariantClear
OleUninitialize
OleTranslateAccelerator
OleRun
OleRegGetUserType
OleRegGetMiscStatus
OleRegEnumVerbs
OleMetafilePictFromIconAndLabel
OleInitializeWOW
OleInitialize
OleGetIconOfFile
OleGetIconOfClass
OleGetClipboard
OleGetAutoConvert
OleFlushClipboard
OleDestroyMenuDescriptor
OleCreateStaticFromData
OleCreateMenuDescriptor
OleCreateLinkFromDataEx
OleCreateLinkEx
OleCreateFromFile
OleCreateEmbeddingHelper
OleCreate
OleConvertOLESTREAMToIStorageEx
OleConvertIStorageToOLESTREAMEx
OleBuildVersion
MonikerRelativePathTo
HWND_UserUnmarshal
HWND_UserSize
HWND_UserFree
HPALETTE_UserSize
HPALETTE_UserMarshal
HPALETTE_UserFree
HMETAFILE_UserUnmarshal
HMETAFILE_UserSize
HMETAFILE_UserMarshal
HMETAFILE_UserFree
HMETAFILEPICT_UserSize
HMETAFILEPICT_UserMarshal
HMETAFILEPICT_UserFree
HMENU_UserUnmarshal
HMENU_UserSize
HICON_UserSize
HICON_UserMarshal
HGLOBAL_UserSize
HGLOBAL_UserFree
HENHMETAFILE_UserUnmarshal
HENHMETAFILE_UserSize
HENHMETAFILE_UserMarshal
HENHMETAFILE_UserFree
HDC_UserUnmarshal
HDC_UserSize
HBRUSH_UserUnmarshal
HBRUSH_UserSize
HBRUSH_UserMarshal
HBITMAP_UserMarshal
HACCEL_UserUnmarshal
HACCEL_UserFree
GetRunningObjectTable
GetHGlobalFromStream
GetConvertStg
FreePropVariantArray
FmtIdToPropStgName
EnableHookObject
DoDragDrop
DllGetClassObjectWOW
DllDebugObjectRPCHook
CreatePointerMoniker
CreateObjrefMoniker
CreateGenericComposite
CreateClassMoniker
CreateAntiMoniker
CoWaitForMultipleHandles
CoUnloadingWOW
CoTreatAsClass
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoSwitchCallContext
CoRevokeMallocSpy
CoReleaseServerProcess
CoRegisterSurrogateEx
CoRegisterSurrogate
CoRegisterPSClsid
CoRegisterMessageFilter
CoRegisterMallocSpy
CoReactivateObject
CoQueryProxyBlanket
CoQueryClientBlanket
CoQueryAuthenticationServices
CoInstall
CoInitializeSecurity
CoInitializeEx
CoGetStandardMarshal
CoGetPSClsid
CoGetObjectContext
CoGetMarshalSizeMax
CoGetInstanceFromIStorage
CoGetInstanceFromFile
CoFreeLibrary
CoFreeAllLibraries
CoFileTimeToDosDateTime
CoEnableCallCancellation
CoDeactivateObject
CoCreateGuid
CoCreateFreeThreadedMarshaler
CoCopyProxy
CLSIDFromString
CLSIDFromProgID
CLIPFORMAT_UserUnmarshal
CLIPFORMAT_UserSize
CLIPFORMAT_UserMarshal

oleaut32

VectorFromBstr
VariantTimeToSystemTime
VariantCopyInd
VariantCopy
VariantChangeTypeEx
VarXor
VarUI4FromUI1
VarUI4FromStr
VarUI4FromR8
VarUI4FromR4
VarUI4FromI4
VarUI4FromI1
VarUI4FromDec
VarUI4FromDate
VarUI4FromCy
VarUI2FromUI1
VarUI2FromR8
VarUI2FromI4
VarUI2FromDisp
VarUI2FromDec
VarUI2FromDate
VarUI2FromCy
VarUI1FromR8
VarUI1FromR4
VarUI1FromI2
VarUI1FromCy
VarSu
VarRound
VarR8Pow
VarR8FromUI4
VarR8FromUI2
VarR8FromR4
VarR8FromDisp
VarR8FromCy
VarR4FromUI2
VarR4FromUI1
VarR4FromStr
VarR4FromI2
VarR4FromDisp
VarR4FromDec
VarR4FromDate
VarR4FromCy
VarR4FromBool
VarR4CmpR8
VarNot
VarNeg
VarIdiv
VarI4FromUI4
VarI4FromUI2
VarI4FromUI1
VarI4FromR8
VarI4FromR4
VarI4FromDisp
VarI4FromDec
VarI4FromBool
VarI2FromUI4
VarI2FromR8
VarI2FromR4
VarI2FromI4
VarI2FromDate
VarI2FromCy
VarI1FromUI2
VarI1FromStr
VarI1FromI2
VarI1FromDisp
VarI1FromDec
VarI1FromDate
VarI1FromCy
VarI1FromBool
VarFormatPercent
VarFormatDateTime
VarFormatCurrency
VarFix
VarDecSu
VarDecRound
VarDecNeg
VarDecMul
VarDecInt
VarDecFromUI4
VarDecFromUI2
VarDecFromUI1
VarDecFromStr
VarDecFromR8
VarDecFromR4
VarDecFromI4
VarDecFromI1
VarDecFromBool
VarDecDiv
VarDecAdd
VarDecAbs
VarDateFromStr
VarDateFromR8
VarDateFromDisp
VarDateFromCy
VarDateFromBool
VarCyRound
VarCyMulI4
VarCyMul
VarCyInt
VarCyFromUI4
VarCyFromUI1
VarCyFromR8
VarCyFromI4
VarCyFromI2
VarCyFromDate
VarCyCmpR8
VarCyCmp
VarCyAdd
VarCmp
VarCat
VarBstrFromUI1
VarBstrFromR8
VarBstrFromI2
VarBstrFromDec
VarBstrFromDate
VarBstrFromBool
VarBstrCmp
VarBoolFromUI4
VarBoolFromStr
VarBoolFromR4
VarBoolFromI1
VarBoolFromDisp
VarBoolFromDate
VarAbs
VARIANT_UserMarshal
VARIANT_UserFree
SystemTimeToVariantTime
SysStringByteLen
SysReAllocString
SysFreeString
SafeArraySetIID
SafeArrayPtrOfIndex
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayDestroyData
SafeArrayCreateVectorEx
SafeArrayCreate
SafeArrayAllocDescriptorEx
SafeArrayAllocData
SafeArrayAccessData
RevokeActiveObject
RegisterTypeLi
OleTranslateColor
OleSavePictureFile
OleLoadPicturePath
OleLoadPictureFileEx
OleLoadPicture
OleIconToCursor
OACreateTypeLib2
LoadTypeLi
LPSAFEARRAY_UserSize
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_Marshal
LHashValOfNameSys
GetRecordInfoFromTypeInfo
DispInvoke
CreateErrorInfo
CreateDispTypeInfo
ClearCustData
BstrFromVector
BSTR_UserSize
BSTR_UserMarshal

Sections

.text
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4fd592729df48234ec8ecdc80025ce93

Code Sign

34:c6:ea:f4:2b:3d:b4:5f:b9:62:50:51:80:42:ff:baCertificate

Extended Key Usages

7c:32:b0:75:47:22:a5:49:16:7e:96:85:b8:98:47:13:97:83:7b:c1Signer

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

Sections

.text Size: 199KB - Virtual size: 199KB

.data Size: 512B - Virtual size: 124B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 3KB - Virtual size: 3KB

34:c6:ea:f4:2b:3d:b4:5f:b9:62:50:51:80:42:ff:ba
Certificate

7c:32:b0:75:47:22:a5:49:16:7e:96:85:b8:98:47:13:97:83:7b:c1
Signer

.text
Size: 199KB - Virtual size: 199KB

.data
Size: 512B - Virtual size: 124B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 3KB - Virtual size: 3KB