de6b7744978d1bada0b2a84583dfea07_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

de6b7744978d1bada0b2a84583dfea07_JaffaCakes118
Size

35KB
MD5

de6b7744978d1bada0b2a84583dfea07
SHA1

b526a60dbf322eaf5e84a076151ee567495ed12e
SHA256

021f19838840b495cd575a57e4637278ec9dcc6f8cbbced28b2256539f6b8a94
SHA512

77b09e2500cc0514e0d40cb9b01e9bf3b562c44a68f5b65533b6080a0f377779c7deb2f3869d784a9115fce3c9d264dd8b4815b31f01abc68446fedef9ef2215
SSDEEP

768:tfucffL9yUB8AaZbGQvqrHTcVPljM3XksZGRLzP:BxL9yUBLeqDwhljUX/GR3P

Score

1^/10

Malware Config

Signatures

Files

de6b7744978d1bada0b2a84583dfea07_JaffaCakes118
.dll windows:5 windows x86 arch:x86

8045544fe50e4b2560460d517b5662ec

Code Sign

46:ee:15:bb:9a:4e:fa:74:b9:39:db:2c:e7:08:fd:83
Certificate

Issuer

CN=222222222

Not Before

13/02/2012, 04:39

Not After

31/12/2039, 23:59

Subject

CN=222222222

Extended Key Usages

ExtKeyUsageCodeSigning

33:7c:34:fb:46:4c:9d:f5:46:22:c2:e1:e9:f5:24:68:85:cf:b0:82
Signer

Actual PE Digest

33:7c:34:fb:46:4c:9d:f5:46:22:c2:e1:e9:f5:24:68:85:cf:b0:82

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
GetSystemInfo
GetProcAddress
LoadLibraryA
GetWindowsDirectoryW

comdlg32

GetFileTitleW
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
ChooseColorA
ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
GetSaveFileNameW
PageSetupDlgA
PageSetupDlgW
PrintDlgA

oleaut32

BSTR_UserFree
ClearCustData
CreateStdDispatch
CreateTypeLib2
GetActiveObject
LPSAFEARRAY_Marshal
LPSAFEARRAY_Size
LPSAFEARRAY_Unmarshal
LoadTypeLi
OleCreatePropertyFrame
OleLoadPictureFile
OleLoadPicturePath
OleSavePictureFile
QueryPathOfRegTypeLi
RevokeActiveObject
SafeArrayAllocData
SafeArrayAllocDescriptorEx
SafeArrayCopy
SafeArrayCopyData
SafeArrayCreateVector
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayGetElemsize
SafeArrayPutElement
SafeArraySetRecordInfo
SetErrorInfo
SysAllocString
SysAllocStringByteLen
SysFreeString
SysStringLen
VARIANT_UserMarshal
VarAnd
VarBoolFromCy
VarBoolFromI2
VarBstrCat
VarBstrCmp
VarBstrFromDec
VarBstrFromDisp
VarBstrFromUI1
VarCyAbs
VarCyAdd
VarCyCmp
VarCyCmpR8
VarCyFromDate
VarCyMulI4
VarCyRound
VarDateFromI1
VarDateFromI2
VarDateFromI4
VarDateFromUI2
VarDateFromUdate
VarDecAdd
VarDecCmpR8
VarDecFix
VarDecFromBool
VarDecFromDisp
VarDecFromI2
VarDecFromI4
VarDecFromStr
VarDecFromUI1
VarDecFromUI2
VarDecSu
VarEqv
VarFormatCurrency
VarFormatFromTokens
VarFormatPercent
VarI1FromCy
VarI1FromI4
VarI1FromR4
VarI1FromR8
VarI1FromStr
VarI1FromUI2
VarI2FromCy
VarI2FromDisp
VarI2FromI1
VarI2FromStr
VarI2FromUI4
VarI4FromDate
VarI4FromDisp
VarI4FromR8
VarI4FromStr
VarI4FromUI2
VarI4FromUI4
VarImp
VarInt
VarMod
VarMonthName
VarMul
VarOr
VarR4FromDec
VarR4FromDisp
VarR4FromI1
VarR4FromI2
VarR4FromR8
VarR4FromStr
VarR4FromUI1
VarR4FromUI2
VarR4FromUI4
VarR8FromCy
VarR8FromDate
VarR8FromR4
VarR8FromUI1
VarUI1FromBool
VarUI1FromDec
VarUI1FromI2
VarUI1FromI4
VarUI1FromR4
VarUI1FromR8
VarUI1FromStr
VarUI2FromCy
VarUI2FromDate
VarUI2FromDec
VarUI2FromI1
VarUI2FromStr
VarUI2FromUI4
VarUI4FromDec
VarUI4FromI4
VarUI4FromR4
VarUI4FromStr
VarUI4FromUI1
VarUI4FromUI2
VarUdateFromDate
VarXor
VectorFromBstr

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text7
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text6
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8045544fe50e4b2560460d517b5662ec

Code Sign

46:ee:15:bb:9a:4e:fa:74:b9:39:db:2c:e7:08:fd:83Certificate

Extended Key Usages

33:7c:34:fb:46:4c:9d:f5:46:22:c2:e1:e9:f5:24:68:85:cf:b0:82Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comdlg32

oleaut32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 612B

.text7 Size: 1024B - Virtual size: 1000B

.text5 Size: 18KB - Virtual size: 17KB

.text6 Size: 1KB - Virtual size: 1KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 1KB - Virtual size: 1KB

46:ee:15:bb:9a:4e:fa:74:b9:39:db:2c:e7:08:fd:83
Certificate

33:7c:34:fb:46:4c:9d:f5:46:22:c2:e1:e9:f5:24:68:85:cf:b0:82
Signer

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 612B

.text7
Size: 1024B - Virtual size: 1000B

.text5
Size: 18KB - Virtual size: 17KB

.text6
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 1KB - Virtual size: 1KB