de919e8bb34955cbbcd20930564e0908_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

de919e8bb34955cbbcd20930564e0908_JaffaCakes118
Size

276KB
MD5

de919e8bb34955cbbcd20930564e0908
SHA1

2ac8129ac0e64b989a9c445f909ea6f7a84d795b
SHA256

8186caea49adfbb45e783dfcc5e3c8c30e328ce3383e033475e60ab0c92e1247
SHA512

802a2c25321eae9c8c6115d16e8570f5d6fc96ea99bb030557b312484363bafb495a96641b0050f9d08c44136012732f1ad4ef58d38a17b289007a1a411b738f
SSDEEP

6144:tCFVCW9rUSUa4klU2SC9IZCNkyBr0i51eQwprAvsuA6L:tCFVXrUSCqUFCXNkyBt1e9rAvEY

Score

1^/10

Malware Config

Signatures

Files

de919e8bb34955cbbcd20930564e0908_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10df4effdccda068cdbe539c9036ff55

Code Sign

06:e2:bc:62:8e:28:f4:7d:b8:fd:0e:ea:7f:f3:37:50
Certificate

Issuer

CN=5r6Io0OJu3L2

Not Before

16-03-2012 07:53

Not After

31-12-2039 23:59

Subject

CN=5r6Io0OJu3L2

Extended Key Usages

ExtKeyUsageCodeSigning

37:1b:37:c1:66:e8:73:44:57:cc:38:14:17:e2:64:2d:96:98:4b:43
Signer

Actual PE Digest

37:1b:37:c1:66:e8:73:44:57:cc:38:14:17:e2:64:2d:96:98:4b:43

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
LoadLibraryW
CreateFileA
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CancelDeviceWakeupRequest
SetPriorityClass
BeginUpdateResourceA
RemoveDirectoryW
EnumSystemLanguageGroupsA
FlushViewOfFile
CreateProcessA
CreateFileW
SetCommTimeouts
InterlockedExchangeAdd
ReplaceFile
GetDateFormatW
FindNextVolumeMountPointW
FormatMessageW
EnterCriticalSection
WriteFile
GetTapeParameters
GetConsoleAliasesLengthW
GetDevicePowerState
UnmapViewOfFile
CreateFileMappingA
ContinueDebugEvent
VerLanguageNameW
GetSystemInfo
GlobalDeleteAtom
GetDiskFreeSpaceW
QueueUserWorkItem
GetAtomNameW
VirtualProtectEx
ResetWriteWatch
CreateDirectoryExA
SetCurrentDirectoryW
SetCommMask
EnumCalendarInfoExA
GetStdHandle
InterlockedDecrement
FoldStringA
FindFirstFileExW
SetCalendarInfoW
LoadLibraryExW
AddConsoleAliasA
FindResourceExW
SwitchToFiber
SetConsoleTitleA
SetHandleCount
FindFirstFileExA
OpenJobObjectA
GlobalFree
FindAtomW
Beep
IsBadHugeWritePtr
SetProcessShutdownParameters
SetHandleInformation
LocalReAlloc
PeekConsoleInputW
FindClose
GlobalMemoryStatusEx
GetDefaultCommConfigW
GetStringTypeExA
GetComputerNameA
HeapDestroy
WriteConsoleOutputCharacterW
EnumDateFormatsA
CreateTimerQueue
CreateEventA
InitializeCriticalSectionAndSpinCount
ReadDirectoryChangesW
GetBinaryType
GetConsoleCP
SetCommState
GetCommProperties
ResetEvent
UnlockFile
IsBadCodePtr
GetCurrentDirectoryW
_lopen
GetCompressedFileSizeA
GetThreadSelectorEntry
IsBadWritePtr
GetComputerNameExA
GetConsoleAliasesA
CreateTimerQueueTimer
CreateToolhelp32Snapshot
CopyFileA
GetNamedPipeHandleStateA
FindFirstChangeNotificationA
GetTempFileNameW
GetUserDefaultLCID
GlobalHandle
SetInformationJobObject
GetCurrencyFormatW
ReadFile
GetLongPathNameW
GetPrivateProfileIntW
lstrcmpiW
LocalFileTimeToFileTime

user32

TabbedTextOutW
IsCharAlphaA
GetWindow
GetMenuItemRect
GetMessageTime
GetMenuDefaultItem
LoadKeyboardLayoutA
KillTimer
GetQueueStatus
GetClassLongW
DefFrameProcW
CreateIconFromResourceEx
UnpackDDElParam
FindWindowExA
CreateCaret
CreateWindowExA
CreatePopupMenu
ScrollWindowEx
SetSysColors
DrawIconEx
GetMouseMovePointsEx
CopyImage
MessageBoxA
DlgDirSelectComboBoxExA
CreateAcceleratorTableA
CreateWindowStationW
IsCharLowerW
MessageBeep
GetKeyboardLayoutNameA
SetForegroundWindow
DefWindowProcW
MenuItemFromPoint
SetDeskWallpaper
MessageBoxExW
ShowScrollBar
DdeReconnect
SetClassWord
ValidateRect
LoadMenuW
UpdateLayeredWindow
AppendMenuA
FindWindowA
GetUserObjectInformationA
SetCapture
SwapMouseButton
GetWindowWord
IMPSetIMEW
SetWindowLongW
UnhookWindowsHookEx
OemToCharW
ToUnicodeEx
DialogBoxParamW
IMPQueryIMEA
wsprintfA
EnumDisplaySettingsExA
SwitchDesktop
IsCharAlphaNumericW
LoadCursorFromFileW
CharToOemBuffA
EndMenu
SetCaretPos
AppendMenuW
ReuseDDElParam
PeekMessageW
InsertMenuA
DrawFrameControl
CharUpperBuffW
SetFocus
SetMessageExtraInfo
PackDDElParam
InsertMenuW
EqualRect
DdeSetUserHandle
UpdateWindow
AttachThreadInput
GetPropW
ModifyMenuW
CopyIcon
GetClipboardOwner
IsZoomed
EnumClipboardFormats
SetMenu
PostMessageW
EnumWindowStationsW
OpenDesktopA
OemToCharBuffA
RealGetWindowClassW
GetWindowInfo
DdeGetData
MonitorFromRect
UnhookWindowsHook
IsDialogMessage
DdeInitializeW

advapi32

RegOpenKeyExW

oleaut32

SafeArrayCopy
OleLoadPicture
SysAllocStringLen
VarUI4FromR8
VarUI1FromI1
VarI1FromR4
VarI2FromStr
VarR4FromI4
VarI2FromI1
BSTR_UserUnmarshal
VarFormatNumber
VarDecFromR8
LoadTypeLi
VarBoolFromUI1
VarBoolFromDec
VarUI2FromDec
VarCyFromI2
VarR8FromDec
VarI4FromUI4
VarDecFromCy
VarI2FromDisp
VarI2FromDate
VarUI1FromUI4
VarUI2FromI2
VarUI2FromR4
VarBoolFromCy
VarI2FromCy
VarDateFromUdateEx
VarDecFromUI2
GetAltMonthNames
VarDateFromUI4
OleLoadPictureFile
VarDecSu
CreateStdDispatch
LPSAFEARRAY_Unmarshal
SafeArrayGetElemsize
VarR4FromI1
VarR4FromDate
VarBoolFromI2
VarI4FromDate
VarAnd
VarCyCmp
VarDecDiv
VarUI1FromStr
LoadRegTypeLi
VarDecAbs
VarI4FromR4
VarI1FromStr
VarBstrFromR4
VarR8FromDisp
VarBstrFromDec
OaBuildVersion
VARIANT_UserSize
SysStringLen
VarPow
VarDecCmpR8
VarDateFromI1
VarI4FromUI1
VarI2FromDec
VarBoolFromI1
BSTR_UserSize
LHashValOfNameSys
VarBoolFromStr
LPSAFEARRAY_Marshal
VarCyInt
VarCyFromR4
VarUI2FromCy
VarI4FromDec
VariantCopyInd
SafeArrayAllocData
BstrFromVector
VarBoolFromUI4
SysStringByteLen
VarI4FromI1
VarI2FromR4
VarI2FromUI1
VarBoolFromUI2
VarDecFromStr
GetActiveObject
VarBstrFromCy
VarMul
VARIANT_UserFree
VarCyFromUI2
VarR8FromBool
VarI1FromDec
BSTR_UserFree
VarCyCmpR8
VarDecNeg
VarInt
OleLoadPictureFileEx
SafeArrayGetLBound

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

r2
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10df4effdccda068cdbe539c9036ff55

Code Sign

06:e2:bc:62:8e:28:f4:7d:b8:fd:0e:ea:7f:f3:37:50Certificate

Extended Key Usages

37:1b:37:c1:66:e8:73:44:57:cc:38:14:17:e2:64:2d:96:98:4b:43Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

Sections

.text Size: 4KB - Virtual size: 3KB

r2 Size: 260KB - Virtual size: 259KB

.data Size: 7KB - Virtual size: 6KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

06:e2:bc:62:8e:28:f4:7d:b8:fd:0e:ea:7f:f3:37:50
Certificate

37:1b:37:c1:66:e8:73:44:57:cc:38:14:17:e2:64:2d:96:98:4b:43
Signer

.text
Size: 4KB - Virtual size: 3KB

r2
Size: 260KB - Virtual size: 259KB

.data
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB