f9bce28027aa9afbbb1fa3bd464fd8e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f9bce28027aa9afbbb1fa3bd464fd8e6_JaffaCakes118
Size

335KB
MD5

f9bce28027aa9afbbb1fa3bd464fd8e6
SHA1

28516db6b2ccefa34e42fb30f968939545a00a4c
SHA256

807dc7ceba7e64a025bddf54d7d4c635d5b102cf86e115dd2cd8af68aa2fc1f6
SHA512

ba797ba9994e61ac076e221c6abf9641963799c07be6c448512479d5b8e1bdc75083a2f4a354ded6eca715268ab9d75b694f5f03755cba1857c9aacc4984a6b2
SSDEEP

6144:4QaMdKrDJ2s+FwODIPhy286VP7epSP2TaMK8PevoQMYLoOCHDjuo90aIwK:4QaMdKrDX4wrpj86opSP2+0EMVOCjqPB

Score

1^/10

Malware Config

Signatures

Files

f9bce28027aa9afbbb1fa3bd464fd8e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

68094644b006c922e5b164270cf7c03a

Code Sign

27:a5:de:24:b6:20:d0:74:b0:19:07:f7:5d:71:52:7c
Certificate

Issuer

CN=krdsimanfza

Not Before

29/01/2012, 12:37

Not After

31/12/2039, 23:59

Subject

CN=Gasqipo

b5:e5:96:ab:9e:5f:d5:4f:78:0a:eb:26:b7:dd:c4:ec:b6:0c:b8:8b
Signer

Actual PE Digest

b5:e5:96:ab:9e:5f:d5:4f:78:0a:eb:26:b7:dd:c4:ec:b6:0c:b8:8b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgCtrlID
MoveWindow
MessageBoxA
IsIconic
EnumWindows
IsWindowVisible
IsDialogMessageA
EndDeferWindowPos
GetClientRect
ChildWindowFromPoint
MapDialogRect

ole32

CoFreeLibrary
StgCreatePropSetStg
StgIsStorageILockBytes
OleCreateMenuDescriptor
CreateGenericComposite
CoAddRefServerProcess
CreateClassMoniker
CoTaskMemAlloc
CreateFileMoniker
CoMarshalInterface
CoRegisterClassObject
OleSetMenuDescriptor
OleDoAutoConvert
OleCreateFromFile
GetClassFile

oledlg

ord5
ord8
ord9
ord10
ord1
ord4
ord7
ord11
ord3
ord12
ord6
ord2

advapi32

RegDeleteKeyA
RegDeleteValueA
RegSaveKeyA
RegOpenKeyExA
RegNotifyChangeKeyValue
RegSetValueA
RegOverridePredefKey
RegEnumKeyA
RegCreateKeyExA
RegCreateKeyA
RegQueryValueA

kernel32

ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
GetVersion
TlsAlloc
GetStringTypeW
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetCommandLineA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStringTypeA
SetLastError
GetTickCount
GetProcessHeap
QueryPerformanceCounter
GetEnvironmentVariableA
TlsSetValue
VirtualProtect
SetLocaleInfoA
IsBadCodePtr
OpenEventA
HeapUnlock
GlobalSize
GetTimeFormatA
GlobalFlags
GlobalReAlloc
IsValidLocale
WaitForMultipleObjects
GetUserDefaultLCID
WritePrivateProfileSectionA
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
GetProfileStringA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 302KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 505KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68094644b006c922e5b164270cf7c03a

Code Sign

27:a5:de:24:b6:20:d0:74:b0:19:07:f7:5d:71:52:7cCertificate

b5:e5:96:ab:9e:5f:d5:4f:78:0a:eb:26:b7:dd:c4:ec:b6:0c:b8:8bSigner

Headers

File Characteristics

Imports

user32

ole32

oledlg

advapi32

kernel32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 302KB - Virtual size: 302KB

.data Size: 512B - Virtual size: 505KB

.rsrc Size: 16KB - Virtual size: 15KB

27:a5:de:24:b6:20:d0:74:b0:19:07:f7:5d:71:52:7c
Certificate

b5:e5:96:ab:9e:5f:d5:4f:78:0a:eb:26:b7:dd:c4:ec:b6:0c:b8:8b
Signer

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 302KB - Virtual size: 302KB

.data
Size: 512B - Virtual size: 505KB

.rsrc
Size: 16KB - Virtual size: 15KB