e092596aa2a30775cf057f20b7fa4672_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e092596aa2a30775cf057f20b7fa4672_JaffaCakes118
Size

69KB
MD5

e092596aa2a30775cf057f20b7fa4672
SHA1

5f5554d795826ba25f03e316198245a31a8280de
SHA256

b26ecb65edc446d98500d9684c48181ec54af29be53eceed35c7e6f4a5024cf8
SHA512

def2e421c6f972b475bbca3426f7861b5c858f31dd29c50e17f5b0639fb49da13064c7d6d571ea23e882c7115d7b411c96ade712b7babba90f03c8493d7c910e
SSDEEP

1536:5IL9eMF3uJb8GAo6Wt2VUNwzROMFSYVbeWUM86:5IL9eMF3kb8G96S2Uw19YYVbeDM86

Score

1^/10

Malware Config

Signatures

Files

e092596aa2a30775cf057f20b7fa4672_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8045544fe50e4b2560460d517b5662ec

Code Sign

46:ee:15:bb:9a:4e:fa:74:b9:39:db:2c:e7:08:fd:83
Certificate

Issuer

CN=222222222

Not Before

13/02/2012, 04:39

Not After

31/12/2039, 23:59

Subject

CN=222222222

Extended Key Usages

ExtKeyUsageCodeSigning

17:65:10:4b:6b:ec:5e:a5:6a:be:c1:65:64:d0:d7:3c:94:91:2e:20
Signer

Actual PE Digest

17:65:10:4b:6b:ec:5e:a5:6a:be:c1:65:64:d0:d7:3c:94:91:2e:20

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetSystemInfo
GetProcAddress
LoadLibraryA
GetWindowsDirectoryW

comdlg32

GetFileTitleW
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
ChooseColorA
ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
GetSaveFileNameW
PageSetupDlgA
PageSetupDlgW
PrintDlgA

oleaut32

BSTR_UserFree
ClearCustData
CreateStdDispatch
CreateTypeLib2
GetActiveObject
LPSAFEARRAY_Marshal
LPSAFEARRAY_Size
LPSAFEARRAY_Unmarshal
LoadTypeLi
OleCreatePropertyFrame
OleLoadPictureFile
OleLoadPicturePath
OleSavePictureFile
QueryPathOfRegTypeLi
RevokeActiveObject
SafeArrayAllocData
SafeArrayAllocDescriptorEx
SafeArrayCopy
SafeArrayCopyData
SafeArrayCreateVector
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayGetElemsize
SafeArrayPutElement
SafeArraySetRecordInfo
SetErrorInfo
SysAllocString
SysAllocStringByteLen
SysFreeString
SysStringLen
VARIANT_UserMarshal
VarAnd
VarBoolFromCy
VarBoolFromI2
VarBstrCat
VarBstrCmp
VarBstrFromDec
VarBstrFromDisp
VarBstrFromUI1
VarCyAbs
VarCyAdd
VarCyCmp
VarCyCmpR8
VarCyFromDate
VarCyMulI4
VarCyRound
VarDateFromI1
VarDateFromI2
VarDateFromI4
VarDateFromUI2
VarDateFromUdate
VarDecAdd
VarDecCmpR8
VarDecFix
VarDecFromBool
VarDecFromDisp
VarDecFromI2
VarDecFromI4
VarDecFromStr
VarDecFromUI1
VarDecFromUI2
VarDecSu
VarEqv
VarFormatCurrency
VarFormatFromTokens
VarFormatPercent
VarI1FromCy
VarI1FromI4
VarI1FromR4
VarI1FromR8
VarI1FromStr
VarI1FromUI2
VarI2FromCy
VarI2FromDisp
VarI2FromI1
VarI2FromStr
VarI2FromUI4
VarI4FromDate
VarI4FromDisp
VarI4FromR8
VarI4FromStr
VarI4FromUI2
VarI4FromUI4
VarImp
VarInt
VarMod
VarMonthName
VarMul
VarOr
VarR4FromDec
VarR4FromDisp
VarR4FromI1
VarR4FromI2
VarR4FromR8
VarR4FromStr
VarR4FromUI1
VarR4FromUI2
VarR4FromUI4
VarR8FromCy
VarR8FromDate
VarR8FromR4
VarR8FromUI1
VarUI1FromBool
VarUI1FromDec
VarUI1FromI2
VarUI1FromI4
VarUI1FromR4
VarUI1FromR8
VarUI1FromStr
VarUI2FromCy
VarUI2FromDate
VarUI2FromDec
VarUI2FromI1
VarUI2FromStr
VarUI2FromUI4
VarUI4FromDec
VarUI4FromI4
VarUI4FromR4
VarUI4FromStr
VarUI4FromUI1
VarUI4FromUI2
VarUdateFromDate
VarXor
VectorFromBstr

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text7
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text6
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8045544fe50e4b2560460d517b5662ec

Code Sign

46:ee:15:bb:9a:4e:fa:74:b9:39:db:2c:e7:08:fd:83Certificate

Extended Key Usages

17:65:10:4b:6b:ec:5e:a5:6a:be:c1:65:64:d0:d7:3c:94:91:2e:20Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comdlg32

oleaut32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 612B

.text7 Size: 1024B - Virtual size: 1000B

.text5 Size: 57KB - Virtual size: 56KB

.text6 Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

46:ee:15:bb:9a:4e:fa:74:b9:39:db:2c:e7:08:fd:83
Certificate

17:65:10:4b:6b:ec:5e:a5:6a:be:c1:65:64:d0:d7:3c:94:91:2e:20
Signer

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 612B

.text7
Size: 1024B - Virtual size: 1000B

.text5
Size: 57KB - Virtual size: 56KB

.text6
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB