efa7b5226d954fcfb27d4b69d9c23f3b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

efa7b5226d954fcfb27d4b69d9c23f3b_JaffaCakes118
Size

43KB
MD5

efa7b5226d954fcfb27d4b69d9c23f3b
SHA1

ffaf54d33a3cd6b82d7bf6439ceae82551c858ea
SHA256

0b96a28062d88e4dac150b1408ea67c9bc9c6f8a3370eb8a70ecb04b7fbfd1a2
SHA512

eb712d5f0c55fc241c3cb2032ac1d61d26975e4343b58e287e46b4942f24a20e4e2a5bd3597ec3bb9bf5eb84bf9e5eebf633fb0558a14fd58ffd31b1f3063b81
SSDEEP

768:fIUotyCDbJzsx8rofBONN6DQw6i8Hl2qC0IeAohqw4CsooCoTspBBBBBBBxJ:ffotD2x8caNUV/qC08m7smBBBBBBBL

Score

1^/10

Malware Config

Signatures

Files

efa7b5226d954fcfb27d4b69d9c23f3b_JaffaCakes118
.dll windows:5 windows x86 arch:x86

a12d4b1de9187baad879c2276d0717fd

Code Sign

36:35:08:95:64:52:5f:6f:b1:1f:52:d0:9d:06:c0:80
Certificate

Issuer

CN=nn inc

Not Before

12/01/2012, 10:07

Not After

31/12/2039, 23:59

Subject

CN=nn inc

Extended Key Usages

ExtKeyUsageCodeSigning

60:ae:2c:9b:00:f4:81:7b:57:10:f9:2e:d1:80:d7:88:39:1a:d6:fd
Signer

Actual PE Digest

60:ae:2c:9b:00:f4:81:7b:57:10:f9:2e:d1:80:d7:88:39:1a:d6:fd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteTapemark
_lclose
_llseek
WritePrivateProfileSectionW
lstrcmpW
lstrcmpi
WritePrivateProfileSectionA
WriteFileGather
WriteFileEx
WriteFile
WriteConsoleOutputCharacterA
WriteConsoleOutputA
VirtualFreeEx
VerifyVersionInfoW
UpdateResourceW
UnlockFile
TryEnterCriticalSection
SystemTimeToTzSpecificLocalTime
Sleep
SignalObjectAndWait
SetWaitableTimer
SetVolumeMountPointW
SetTapeParameters
SetLocalTime
SetHandleCount
SetFileAttributesW
SetErrorMode
SetConsoleTitleW
SetConsoleDisplayMode
SetConsoleActiveScreenBuffer
ResetEvent
ReleaseMutex
ReadConsoleW
QueryPerformanceCounter
QueryInformationJobObject
QueryDosDeviceW
Process32NextW
PeekConsoleInputW
PeekConsoleInputA
OpenSemaphoreA
OpenEventA
LocalHandle
LocalFileTimeToFileTime
IsDBCSLeadByteEx
HeapDestroy
GlobalHandle
GetTickCount
GetThreadLocale
GetTempPathW
GetTempFileNameA
GetTapePosition
GetSystemTimeAdjustment
GetSystemTime
GetSystemInfo
GetStartupInfoW
GetProcessVersion
GetProcessShutdownParameters
GetPrivateProfileStringA
GetPrivateProfileSectionW
GetDriveTypeW
GetDiskFreeSpaceA
GetCurrentThreadId
GetCurrentDirectoryW
GetCurrencyFormatA
GetComputerNameW
GetComputerNameExA
GetCompressedFileSizeA
GetAtomNameW
FindFirstVolumeMountPointW
FindFirstVolumeA
FindFirstFileExA
FindAtomW
EscapeCommFunction
EnumTimeFormatsA
EnumResourceNamesA
CreateFileW
EnumCalendarInfoA
DnsHostnameToComputerNameW
DisableThreadLibraryCalls
DeleteFileA
DefineDosDeviceW
CreateTimerQueue
CreateNamedPipeA
CreateEventW
CreateEventA
CreateDirectoryExW
ContinueDebugEvent
CompareStringW
CommConfigDialogA
CallNamedPipeW
Beep
AreFileApisANSI
AllocConsole
GetStartupInfoA
GetProcAddress
LoadLibraryA
GetProcessHeap
GetWindowsDirectoryW
lstrcatW
_lopen

user32

DragDetect
DispatchMessageA
DestroyMenu
DefMDIChildProcW
DefFrameProcA
DdeSetQualityOfService
DdeQueryStringW
DdeNameService
DdeCreateStringHandleW
DdeAbandonTransaction
CreatePopupMenu
CreateIconFromResourceEx
CreateIconFromResource
CreateDialogParamW
CopyAcceleratorTableA
CheckRadioButton
CharUpperA
CharToOemBuffA
CharLowerBuffW
CallWindowProcW
CallWindowProcA
CallMsgFilterA
BroadcastSystemMessageW
BroadcastSystemMessageA
BeginPaint
DragObject
DrawFocusRect
DrawStateA
DrawTextA
EnableMenuItem
EndDialog
EnumClipboardFormats
EnumDesktopsA
EnumPropsA
FlashWindow
GetCapture
GetCaretPos
GetClassInfoW
GetClassLongW
GetClassNameA
GetClipCursor
GetClipboardFormatNameA
GetClipboardViewer
GetCursor
GetFocus
GetListBoxInfo
GetMenuItemCount
GetMenuItemRect
GetMenuStringA
GetScrollPos
GetThreadDesktop
GetWindowDC
GetWindowPlacement
GetWindowThreadProcessId
IMPQueryIMEW
InflateRect
InsertMenuW
IsWindow
KillTimer
LoadCursorFromFileW
LoadIconW
LoadImageA
LoadKeyboardLayoutA
LoadMenuA
MapVirtualKeyExA
MapVirtualKeyW
MapWindowPoints
MsgWaitForMultipleObjects
OpenInputDesktop
PackDDElParam
PeekMessageA
RedrawWindow
RegisterClassExA
RegisterHotKey
SendInput
SendMessageA
SetActiveWindow
SetCaretPos
SetClassWord
SetKeyboardState
SetMenu
VkKeyScanExA
UnregisterDeviceNotification
UnregisterClassW
UnhookWindowsHook
TranslateMDISysAccel
TrackMouseEvent
SystemParametersInfoA
SwitchToThisWindow
SetWindowPos
SetPropA
SetMenuItemInfoA

gdi32

FlattenPath
AbortPath
AngleArc
Arc
CheckColorsInGamut
ColorCorrectPalette
CreateBitmap
CreateBitmapIndirect
CreateColorSpaceA
CreatePolyPolygonRgn
EngAssociateSurface
EngCreateBitmap
EngDeletePath
EngFillPath
EngStretchBlt
EngStrokePath
EngUnlockSurface
EnumObjects
ExcludeClipRect
ExtEscape
ExtFloodFill
FONTOBJ_pvTrueTypeFontFile
FONTOBJ_pxoGetXform
FixBrushOrgEx
GdiAddGlsRecord
GdiCleanCacheDC
GdiConsoleTextOut
GdiConvertMetaFilePict
GdiConvertPalette
GdiConvertRegion
GdiCreateLocalMetaFilePict
GdiEntry3
GdiEntry7
GdiGetLocalBrush
GdiGetSpoolMessage
GdiPrinterThunk
GdiProcessSetup
GdiQueryFonts
GdiQueryTable
GdiReleaseLocalDC
GdiSwapBuffers
GetBrushOrgEx
GetCharABCWidthsI
GetColorSpace
GetDCOrgEx
GetDIBits
GetDeviceGammaRamp
GetEnhMetaFilePixelFormat
GetGlyphIndicesA
GetGlyphOutline
GetLogColorSpaceW
GetMetaFileBitsEx
GetMetaRgn
GetMiterLimit
GetObjectType
GetStockObject
GetTextCharsetInfo
GetTextExtentPointA
GetTextExtentPointI
GetTextMetricsA
IntersectClipRect
InvertRgn
NamedEscape
PATHOBJ_bEnum
PaintRgn
PlayMetaFile
PolyBezier
PolyTextOutA
PolyTextOutW
QueryFontAssocStatus
RealizePalette
Rectangle
RemoveFontMemResourceEx
RemoveFontResourceA
RemoveFontResourceExW
RemoveFontResourceTracking
ResetDCA
STROBJ_dwGetCodePage
SetBitmapDimensionEx
SetEnhMetaFileBits
SetMapMode
SetMapperFlags
SetMiterLimit
SetTextColor
SetWinMetaFileBits
SetWindowOrgEx
SwapBuffers
UpdateColors
UpdateICMRegKeyA
WidenPath
XLATEOBJ_cGetPalette
XLATEOBJ_iXlate
AbortDoc

shell32

SHGetDiskFreeSpaceExA
ShellExecuteW
ShellExecuteExW
ShellExecuteExA
ShellExecuteEx
ShellAboutW
ShellAboutA
SHQueryRecycleBinW
SHPathPrepareForWriteA
SHLoadNonloadedIconOverlayIdentifiers
SHLoadInProc
SHInvokePrinterCommandA
CheckEscapesW
CommandLineToArgvW
DoEnvironmentSubstA
DragAcceptFiles
DragFinish
DragQueryFileA
DragQueryFileAorW
DragQueryFileW
DuplicateIcon
ExtractAssociatedIconExA
ExtractAssociatedIconExW
ExtractIconA
ExtractIconExA
ExtractIconExW
FindExecutableW
SHAppBarMessage
SHBindToParent
SHBrowseForFolder
SHBrowseForFolderA
SHCreateDirectoryExW
SHCreateProcessAsUserW
SHEmptyRecycleBinA
SHEmptyRecycleBinW
SHFileOperationA
SHFileOperationW
SHGetDataFromIDListA
SHGetDataFromIDListW
SHGetSpecialFolderPathW
SHGetFileInfo
SHGetFileInfoA
SHGetFileInfoW
SHGetFolderLocation
SHGetFolderPathA
SHGetFolderPathW
SHGetIconOverlayIndexA
SHGetIconOverlayIndexW
SHGetInstanceExplorer
SHGetMalloc
SHGetPathFromIDList
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
Shell_NotifyIcon

ole32

CoMarshalInterThreadInterfaceInStream
CoMarshalInterface
CoQueryReleaseObject
CoRegisterMessageFilter
CoResumeClassObjects
CoSetCancelObject
CoSuspendClassObjects
CoTaskMemFree
CoUninitialize
CreateBindCtx
CreateDataAdviseHolder
CreateOleAdviseHolder
CreateStdProgressIndicator
DllGetClassObjectWOW
FreePropVariantArray
GetClassFile
GetConvertStg
GetHGlobalFromILockBytes
GetHGlobalFromStream
HACCEL_UserFree
HACCEL_UserMarshal
HBITMAP_UserSize
HBRUSH_UserFree
HBRUSH_UserMarshal
HDC_UserMarshal
HDC_UserSize
HDC_UserUnmarshal
HENHMETAFILE_UserFree
HICON_UserUnmarshal
HMENU_UserMarshal
HMETAFILEPICT_UserMarshal
HMETAFILEPICT_UserSize
HMETAFILEPICT_UserUnmarshal
HMETAFILE_UserFree
HMETAFILE_UserMarshal
HWND_UserFree
HWND_UserSize
OleCreate
OleCreateEmbeddingHelper
OleCreateFromFile
OleCreateFromFileEx
OleCreateLinkFromData
OleCreateLinkToFile
OleCreateStaticFromData
OleDoAutoConvert
OleGetAutoConvert
OleIsRunning
OleLoad
OleLoadFromStream
OleMetafilePictFromIconAndLabel
OleRegEnumFormatEtc
OleRegEnumVerbs
OleRegGetMiscStatus
OleSetClipboard
OleUninitialize
ProgIDFromCLSID
PropStgNameToFmtId
PropVariantCopy
ReadFmtUserTypeStg
ReleaseStgMedium
SNB_UserMarshal
SetConvertStg
StgConvertPropertyToVariant
StgConvertVariantToProperty
StgGetIFillLockBytesOnFile
UtGetDvtd32Info
WriteOleStg
CoLoadLibrary
CoIsOle1Class
CoInitializeWOW
CoImpersonateClient
CoGetObject
CoGetMarshalSizeMax
CoEnableCallCancellation
CoDosDateTimeToFileTime
CoDeactivateObject
CoCreateInstanceEx
CLIPFORMAT_UserUnmarshal
CoGetCallContext

shlwapi

StrChrIA
StrChrIW
StrChrW
StrCmpNA
StrCmpNIA
StrCmpNW
StrRChrA
StrRChrIA
StrRStrIW
StrStrIA
StrStrIW

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a12d4b1de9187baad879c2276d0717fd

Code Sign

36:35:08:95:64:52:5f:6f:b1:1f:52:d0:9d:06:c0:80Certificate

Extended Key Usages

60:ae:2c:9b:00:f4:81:7b:57:10:f9:2e:d1:80:d7:88:39:1a:d6:fdSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

shlwapi

Sections

.text Size: 36KB - Virtual size: 36KB

.data Size: 512B - Virtual size: 588B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

36:35:08:95:64:52:5f:6f:b1:1f:52:d0:9d:06:c0:80
Certificate

60:ae:2c:9b:00:f4:81:7b:57:10:f9:2e:d1:80:d7:88:39:1a:d6:fd
Signer

.text
Size: 36KB - Virtual size: 36KB

.data
Size: 512B - Virtual size: 588B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB