f9d46fc68b467df2abe096e0189b5b72_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f9d46fc68b467df2abe096e0189b5b72_JaffaCakes118
Size

24KB
MD5

f9d46fc68b467df2abe096e0189b5b72
SHA1

8e21dd7aedc1e40b7e5560a29ec8e40f3bbc1c99
SHA256

217feac7de09e50047d0e0d5fb9381aa2fcc68055295215edf299d11133a1ac9
SHA512

613b69aef481b4ba15a624200f45e40e14d6ce54829e40e7e2349cf021979292d80ed93c21e79af492a8ddd44dbb1eca17682b1430278baf6091c8b79f90fabd
SSDEEP

384:Xpr3W/1VcOl8ETI3M9oGLEpmOwVKE7MqaMcXVJymIuWHNhmhh4WWieZW+2:Xpr3A1im8ET97EpmRX7Jg0uWthmhhdeq

Score

1^/10

Malware Config

Signatures

Files

f9d46fc68b467df2abe096e0189b5b72_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c19436fae5622582502f19b7b9c6245f

Code Sign

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aa
Certificate

Issuer

CN=yprYsj1KNRia

Not Before

12-03-2012 12:03

Not After

31-12-2039 23:59

Subject

CN=yprYsj1KNRia

Extended Key Usages

ExtKeyUsageCodeSigning

0e:8d:37:3c:c4:e0:9b:2c:d9:81:ad:54:95:f7:61:1e:95:de:82:50
Signer

Actual PE Digest

0e:8d:37:3c:c4:e0:9b:2c:d9:81:ad:54:95:f7:61:1e:95:de:82:50

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileSectionA
WriteProfileSectionW
_lopen
WriteConsoleOutputCharacterA
lstrcmpiW
lstrcpyW
WriteConsoleOutputAttribute
WaitForSingleObjectEx
TransactNamedPipe
TerminateProcess
SetVolumeLabelA
SetTimeZoneInformation
SetThreadIdealProcessor
SetTapePosition
SetPriorityClass
SetMessageWaitingIndicator
SetLocaleInfoA
SetFilePointerEx
SetConsoleTitleW
SetConsoleCP
SetCommTimeouts
RtlZeroMemory
ResumeThread
ReplaceFileW
ReadConsoleOutputCharacterW
OpenProcess
OpenMutexW
MultiByteToWideChar
Module32NextW
Module32FirstW
Module32First
MapUserPhysicalPagesScatter
LockFileEx
LocalSize
LocalFileTimeToFileTime
IsValidLocale
IsBadStringPtrA
HeapCreate
GlobalUnfix
GlobalMemoryStatusEx
GlobalDeleteAtom
GlobalAlloc
GetWindowsDirectoryA
GetVolumePathNameW
GetTapeStatus
GetSystemWindowsDirectoryW
GetSystemTimeAsFileTime
GetStringTypeExA
GetShortPathNameA
GetProfileIntW
GetModuleHandleA
GetProfileIntA
GetProcessVersion
GetProcessShutdownParameters
GetProcessIoCounters
GetPrivateProfileStringW
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionNamesA
GetModuleFileNameA
GetLongPathNameW
GetFileSizeEx
GetFileAttributesExA
GetEnvironmentStringsA
GetEnvironmentStrings
GetConsoleAliasesLengthA
GetComputerNameExW
GetCommandLineW
GetCommProperties
GetCommMask
GetCPInfoExW
GetBinaryTypeA
GetBinaryType
FreeResource
FlushViewOfFile
FlushConsoleInputBuffer
FindNextFileW
FindFirstFileW
FindFirstFileExA
FindFirstChangeNotificationA
FindAtomA
EnumResourceLanguagesA
DeviceIoControl
DeleteTimerQueueEx
DeleteFiber
DefineDosDeviceW
CreateWaitableTimerW
CreateJobObjectW
CreateHardLinkW
CreateEventA
CreateDirectoryExA
ConvertDefaultLocale
CompareFileTime
CancelIo
BuildCommDCBAndTimeoutsA
AllocConsole
GetProcAddress
GetTempPathA
lstrcmpi

msvcrt

memset

user32

wsprintfW
WinHelpW
WINNLSEnableIME
VkKeyScanW
VkKeyScanExW
UnloadKeyboardLayout
UnionRect
SubtractRect
SetWindowsHookExW
SetWindowLongA
SetMessageExtraInfo
SetMenuDefaultItem
SetMenu
SetKeyboardState
SetDebugErrorLevel
SetClassWord
SendNotifyMessageW
SendMessageCallbackW
SendMessageCallbackA
SendMessageA
ScreenToClient
RemovePropW
RemovePropA
RegisterShellHookWindow
RegisterDeviceNotificationW
PostQuitMessage
PeekMessageW
PackDDElParam
OpenClipboard
OemToCharW
OemToCharBuffA
NotifyWinEvent
MonitorFromWindow
MessageBoxW
MessageBoxA
MapWindowPoints
LookupIconIdFromDirectory
IsRectEmpty
IsHungAppWindow
GetWindowThreadProcessId
GetWindowPlacement
GetWindowInfo
GetWindowDC
GetUserObjectInformationA
GetUpdateRgn
GetSystemMenu
GetShellWindow
GetPriorityClipboardFormat
GetMouseMovePointsEx
GetMenuStringW
GetMenuState
GetMenuDefaultItem
GetLastActivePopup
GetIconInfo
GetComboBoxInfo
GetClipboardViewer
GetClassLongW
GetCaretPos
GetAncestor
EnumPropsW
EnumPropsExA
EnumPropsA
EnumDisplaySettingsW
EnumDisplayDevicesA
EnumDesktopsW
EnumClipboardFormats
EnableScrollBar
DrawEdge
DrawAnimatedRects
DispatchMessageW
DialogBoxIndirectParamW
DestroyMenu
DefWindowProcA
DdeQueryStringA
DdeKeepStringHandle
DdeInitializeW
DdeImpersonateClient
DdeAbandonTransaction
CreateWindowStationW
CreateWindowExA
CreatePopupMenu
CreateDialogParamA
CreateCursor
CloseDesktop
CheckMenuRadioItem
ChangeMenuA
ChangeDisplaySettingsExW
CascadeChildWindows
CallMsgFilterW
CallMsgFilterA
BlockInput
GetMonitorInfoW

gdi32

CloseEnhMetaFile
CombineTransform
CopyEnhMetaFileW
CreateColorSpaceW
CreateDIBitmap
CreateEllipticRgnIndirect
CreateEnhMetaFileW
CreateFontW
CreatePenIndirect
CreatePolyPolygonRgn
CreatePolygonRgn
DeleteColorSpace
DeleteDC
DeleteEnhMetaFile
DeviceCapabilitiesExA
DeviceCapabilitiesExW
Ellipse
EnableEUDC
EngCreateSemaphore
EngFreeModule
EngQueryEMFInfo
EngUnicodeToMultiByteN
EngUnlockSurface
EngWideCharToMultiByte
EnumEnhMetaFile
EnumFontFamiliesExA
EnumFontFamiliesW
EnumFontsA
ExtCreatePen
ExtFloodFill
ExtTextOutA
FONTOBJ_vGetInfo
FillRgn
GdiAddGlsBounds
GdiConvertAndCheckDC
GdiConvertBitmap
GdiConvertFont
GdiConvertRegion
GdiEntry8
GdiFixUpHandle
GdiGetDevmodeForPage
GdiPlayPrivatePageEMF
GdiPlayScript
GdiSetAttrs
Arc
GdiSwapBuffers
GetBitmapBits
GetCharABCWidthsFloatA
GetCharABCWidthsI
GetCharWidthA
GetCharacterPlacementA
GetCurrentObject
GetDeviceGammaRamp
GetGlyphOutline
GetGlyphOutlineW
GetKerningPairsA
GetMetaFileBitsEx
GetObjectType
GetPixelFormat
GetRegionData
GetRelAbs
GetTextAlign
GetTextColor
GetTextExtentPointA
HT_Get8BPPFormatPalette
InvertRgn
NamedEscape
OffsetRgn
PATHOBJ_vEnumStart
PlgBlt
RemoveFontResourceTracking
ResetDCW
RoundRect
STROBJ_bGetAdvanceWidths
STROBJ_vEnumStart
SaveDC
SelectFontLocal
SelectObject
SetBitmapBits
SetBitmapDimensionEx
SetColorAdjustment
SetICMProfileW
SetMagicColors
SetTextCharacterExtra
SetWindowExtEx
UnloadNetworkFonts
UpdateColors
XLATEOBJ_iXlate
GdiSetLastError
AddFontResourceExA

advapi32

RegOpenKeyExW

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c19436fae5622582502f19b7b9c6245f

Code Sign

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aaCertificate

Extended Key Usages

0e:8d:37:3c:c4:e0:9b:2c:d9:81:ad:54:95:f7:61:1e:95:de:82:50Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

advapi32

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aa
Certificate

0e:8d:37:3c:c4:e0:9b:2c:d9:81:ad:54:95:f7:61:1e:95:de:82:50
Signer

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB