fce27f05ee967c65d987b4f241c4115c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fce27f05ee967c65d987b4f241c4115c_JaffaCakes118
Size

25KB
MD5

fce27f05ee967c65d987b4f241c4115c
SHA1

c14008a6fb5c77abb009fb26e0070be1d6e04736
SHA256

3a60a8837d98ee61fedeafeab90de94a71f6ae5a78ff939aa76eea54bdcea59d
SHA512

641927c187e5650fafd166775a7b48de58ce0e16651415491a175684001cd727208e0e250cd1dc3303a2005d12d860196100b49278a4ab348da2bf1eee4d0fe1
SSDEEP

384:DM+cZOh18P36k5pbSdnc4COuRa+RdrpWl/WgmibNfy:Hc8haP35pS7wYM4vPbNfy

Score

1^/10

Malware Config

Signatures

Files

fce27f05ee967c65d987b4f241c4115c_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f8843a5c19e3378f39a764c34bcf6ca5

Code Sign

26:8b:b9:64:4c:3f:30:63:b5:15:f2:32:22:e3:c9:2c
Certificate

Issuer

CN=NiCNFnnwRocN5kjbju1462tJu

Not Before

19/04/2012, 18:23

Not After

31/12/2039, 23:59

Subject

CN=NiCNFnnwRocN5kjbju1462tJu

Extended Key Usages

ExtKeyUsageCodeSigning

ad:bf:46:03:db:6f:00:b6:93:63:58:66:c1:56:23:50:43:8d:2a:5d
Signer

Actual PE Digest

ad:bf:46:03:db:6f:00:b6:93:63:58:66:c1:56:23:50:43:8d:2a:5d

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
GetCommandLineA
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
lstrcatW
CreateFileW
lstrcatA
VirtualAlloc

user32

DefMDIChildProcA
DestroyMenu
DlgDirSelectComboBoxExW
DlgDirSelectExW
DrawCaption
DrawFocusRect
DrawMenuBar
EnumDisplayDevicesW
EnumDisplaySettingsA
EnumDisplaySettingsW
EnumPropsExA
EnumWindows
FindWindowA
FindWindowExA
FindWindowW
FlashWindow
GetAncestor
GetCaretPos
GetClassNameA
GetClientRect
GetCursorInfo
GetDesktopWindow
GetKeyboardLayout
GetKeyboardState
GetMenuStringW
GetNextDlgGroupItem
GetNextDlgTabItem
GetParent
GetPriorityClipboardFormat
GetQueueStatus
GetShellWindow
GetSysColor
GetTopWindow
GetUpdateRect
GetWindowModuleFileName
HiliteMenuItem
IMPQueryIMEW
DefFrameProcW
IsMenu
IsWindow
LoadCursorFromFileW
LoadKeyboardLayoutW
LoadStringA
LockWorkStation
LookupIconIdFromDirectory
MapVirtualKeyW
MessageBoxA
MessageBoxIndirectA
NotifyWinEvent
OemToCharA
OpenDesktopW
OpenIcon
PaintDesktop
RealGetWindowClassA
RegisterClassA
RegisterClipboardFormatW
RegisterWindowMessageA
ReplyMessage
SendMessageW
SetClassLongW
SetCursorPos
SetDeskWallpaper
SetMenuDefaultItem
SetShellWindow
SetWinEventHook
SetWindowRgn
SetWindowsHookExA
SetWindowsHookW
ShowOwnedPopups
ShowWindow
UnhookWindowsHookEx
UnpackDDElParam
ValidateRect
VkKeyScanExW
VkKeyScanW
keybd_event
DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
DdeSetQualityOfService
DdeQueryConvInfo
DdeNameService
DdeInitializeW
DdeFreeDataHandle
DdeCreateDataHandle
CreateCursor
CountClipboardFormats
CloseWindow
ClipCursor
CheckMenuRadioItem
CharUpperBuffA
CharPrevW
CharLowerW
BringWindowToTop
AttachThreadInput
AdjustWindowRect
InvalidateRect

gdi32

GetStockObject

comctl32

CreatePropertySheetPage
CreatePropertySheetPageA
ord6
CreateStatusWindowW
DrawStatusText
FlatSB_GetScrollProp
ImageList_Copy
ImageList_DragEnter
ImageList_DragShowNolock
InitializeFlatSB
ImageList_SetImageCount
ImageList_Read
ImageList_LoadImageA
ImageList_EndDrag
ImageList_Duplicate

Sections

.text2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8843a5c19e3378f39a764c34bcf6ca5

Code Sign

26:8b:b9:64:4c:3f:30:63:b5:15:f2:32:22:e3:c9:2cCertificate

Extended Key Usages

ad:bf:46:03:db:6f:00:b6:93:63:58:66:c1:56:23:50:43:8d:2a:5dSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

Sections

.text2 Size: 1024B - Virtual size: 1000B

.text3 Size: 1024B - Virtual size: 1000B

.text Size: 10KB - Virtual size: 9KB

.data Size: 512B - Virtual size: 796B

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 1024B - Virtual size: 708B

26:8b:b9:64:4c:3f:30:63:b5:15:f2:32:22:e3:c9:2c
Certificate

ad:bf:46:03:db:6f:00:b6:93:63:58:66:c1:56:23:50:43:8d:2a:5d
Signer

.text2
Size: 1024B - Virtual size: 1000B

.text3
Size: 1024B - Virtual size: 1000B

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 796B

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 1024B - Virtual size: 708B