f4db9634721c61a74e70417d478067d9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f4db9634721c61a74e70417d478067d9_JaffaCakes118
Size

290KB
MD5

f4db9634721c61a74e70417d478067d9
SHA1

b8e9a5fa038a5a8f405b3a258567f73710dbdf8e
SHA256

ecc9e5de050a780684de02965224c5e7528a6ac20e2101aa19458453ea1f5f67
SHA512

44b023ffb43ccfdeb0239ed1b3b54ab1cb631ecf5082cb339f85e8cfe0ac5882fd37781b76da65dfe46adf3a0674934febbb008abb20555822f7dac40fefd61a
SSDEEP

6144:WXFlvdqWLqOKy/B5RyaynzgvGq6JhW7MQgtm0DTGgQ:WXF/zLX/B5YzFHNtmX

Score

1^/10

Malware Config

Signatures

Files

f4db9634721c61a74e70417d478067d9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

36cc86e9aa6615737205d7f9a5a076be

Code Sign

7f:f5:10:74:37:ce:c2:45:bb:be:0d:12:5f:95:2f:25
Certificate

Issuer

CN=2352323

Not Before

11/02/2012, 05:41

Not After

31/12/2039, 23:59

Subject

CN=2352323

Extended Key Usages

ExtKeyUsageCodeSigning

a5:28:21:1f:82:f0:37:59:b2:4a:23:76:95:e0:8c:6e:ec:f6:04:82
Signer

Actual PE Digest

a5:28:21:1f:82:f0:37:59:b2:4a:23:76:95:e0:8c:6e:ec:f6:04:82

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
lstrlenA
lstrcpyA
CreateFileA

user32

AllowSetForegroundWindow
ReleaseCapture
CharLowerA
ClipCursor
wsprintfA
GetShellWindow
CharToOemA
GrayStringW
PeekMessageW
CreateMenu
DestroyIcon
DdeCmpStringHandles
ShowOwnedPopups
DdeQueryStringA
LoadKeyboardLayoutA
CopyAcceleratorTableA
IsCharAlphaNumericW
wvsprintfW
DrawEdge
DefMDIChildProcW
DdeQueryNextServer
GetCaretPos
DdeQueryConvInfo
DefDlgProcW
IsDialogMessage
MessageBeep
DefWindowProcA
CharUpperBuffW
GetCursorPos
FreeDDElParam
TranslateMDISysAccel
EnumDisplaySettingsW
WaitForInputIdle
DlgDirListComboBoxW
GetInputState
DragDetect
IsIconic
InsertMenuW
CreateCursor
SetMenuInfo
CopyAcceleratorTableW
CharNextA
EnumDisplaySettingsA
ScrollWindowEx
DefDlgProcA
CreateCaret
CopyRect
ChangeClipboardChain
GetWindowPlacement
GetWindowModuleFileName
GetWindowModuleFileNameW
SetPropW
GetPriorityClipboardFormat
GetWindowDC
CharPrevExA
PostThreadMessageW
GetClassWord
GetMessageW
TrackPopupMenu
GetMenuItemRect
UnionRect
DdeNameService
RegisterHotKey
UnhookWinEvent
IMPQueryIMEW
SetActiveWindow
GetProcessDefaultLayout
SendMessageCallbackA
KillTimer
MonitorFromRect
EnumDisplayDevicesW
GetNextDlgGroupItem
ToUnicode
FindWindowExW
DrawIcon
IsCharLowerW
CharUpperA
DdeFreeStringHandle
SetForegroundWindow
SetMessageQueue
RegisterClassW
OpenInputDesktop
SetPropA
BringWindowToTop
DialogBoxIndirectParamW
MessageBoxIndirectW
OemToCharW
MapVirtualKeyExA
SetUserObjectInformationA
TabbedTextOutA
GetLastInputInfo
GetFocus
CreateDialogParamA

comctl32

CreatePropertySheetPageA
InitMUILanguage
ImageList_SetImageCount
ImageList_SetBkColor
UninitializeFlatSB
ImageList_GetIconSize
ImageList_Remove
ImageList_DragLeave
ImageList_Create
ord15
ord2
ImageList_GetImageInfo
ord7
DrawStatusTextW
ord6
ImageList_Replace
ImageList_BeginDrag
ord16
ImageList_DragEnter
ImageList_Merge
ImageList_LoadImage
FlatSB_SetScrollProp
ImageList_DragShowNolock
ImageList_GetIcon
ImageList_SetOverlayImage
ImageList_GetBkColor
CreateStatusWindow
FlatSB_ShowScrollBar
FlatSB_GetScrollInfo
CreateToolbarEx
ImageList_Destroy
ImageList_Draw
ImageList_SetDragCursorImage
ImageList_DragMove
FlatSB_SetScrollInfo
ImageList_DrawIndirect
GetMUILanguage
FlatSB_GetScrollPos
ImageList_GetDragImage
FlatSB_SetScrollPos
_TrackMouseEvent
DrawStatusText
ImageList_Write
ord8
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_ReplaceIcon
ord3
FlatSB_GetScrollRange
CreatePropertySheetPageW
InitCommonControlsEx
CreatePropertySheetPage
CreateStatusWindowW

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textF3
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textF4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textF2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36cc86e9aa6615737205d7f9a5a076be

Code Sign

7f:f5:10:74:37:ce:c2:45:bb:be:0d:12:5f:95:2f:25Certificate

Extended Key Usages

a5:28:21:1f:82:f0:37:59:b2:4a:23:76:95:e0:8c:6e:ec:f6:04:82Signer

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 3KB - Virtual size: 2KB

.textF3 Size: 273KB - Virtual size: 273KB

.textF4 Size: 1KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.textF2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 852B

7f:f5:10:74:37:ce:c2:45:bb:be:0d:12:5f:95:2f:25
Certificate

a5:28:21:1f:82:f0:37:59:b2:4a:23:76:95:e0:8c:6e:ec:f6:04:82
Signer

.text
Size: 3KB - Virtual size: 2KB

.textF3
Size: 273KB - Virtual size: 273KB

.textF4
Size: 1KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.textF2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 852B