fdf0152930544f539b760faf3fc00fd0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fdf0152930544f539b760faf3fc00fd0_JaffaCakes118
Size

299KB
MD5

fdf0152930544f539b760faf3fc00fd0
SHA1

955c5fc8ed9b2ba1b30f561e02aab40f2b8a944e
SHA256

c851be234cd55cdd31c5f0f5f52428aef769d5da1c9ba6999828060fc6aa9d2a
SHA512

b5279634a890383fe56c1332b28547ce5bad6beed8234ce1a6ea17b2ee748259a3006a9a332aca169abed09db1e8a8ee2053c50871db900494ba5b084ac18e4b
SSDEEP

6144:DFVslkW9rUSUa4klU2SC9IZENkyBr0i51eQwOAvsuA6K:DFVarUSCqUFCxNkyBt1eqAvEF

Score

1^/10

Malware Config

Signatures

Files

fdf0152930544f539b760faf3fc00fd0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b255d5a298ce12a5a65c1237826f2e1f

Code Sign

06:e2:bc:62:8e:28:f4:7d:b8:fd:0e:ea:7f:f3:37:50
Certificate

Issuer

CN=5r6Io0OJu3L2

Not Before

16/03/2012, 07:53

Not After

31/12/2039, 23:59

Subject

CN=5r6Io0OJu3L2

Extended Key Usages

ExtKeyUsageCodeSigning

a9:fc:97:b8:a9:ad:88:ca:b3:f5:88:62:c2:01:c7:6e:3d:a4:1f:c3
Signer

Actual PE Digest

a9:fc:97:b8:a9:ad:88:ca:b3:f5:88:62:c2:01:c7:6e:3d:a4:1f:c3

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
CreateFileA
GetWindowsDirectoryA
lstrlenA
lstrcpyA
VirtualAlloc
GetCommandLineA
EnumCalendarInfoExW
CreateEventA
GetCompressedFileSizeA
LocalShrink
GetDiskFreeSpaceExA
GetFileType
CreateWaitableTimerA
SetThreadLocale
BackupSeek
EraseTape
ReadConsoleInputW
GetEnvironmentVariableW
GetFileAttributesA
DisableThreadLibraryCalls
DebugBreak
SetEndOfFile
SetConsoleTitleW
GlobalAddAtomW
GetConsoleAliasesLengthW
CreateWaitableTimerW
GetBinaryTypeA
GetProfileStringA
GetProcessWorkingSetSize
CallNamedPipeA
IsBadStringPtrA
EnumUILanguagesW
GetComputerNameExW
SetCriticalSectionSpinCount
SetConsoleCursor
GlobalReAlloc
GetVolumeNameForVolumeMountPointA
GlobalAlloc
lstrcmpiW
SetConsoleDisplayMode
FindNextChangeNotification
TryEnterCriticalSection
FatalExit
UpdateResourceW
SetCurrentDirectoryA
lstrcpynW
GetTickCount
TransmitCommChar
SetErrorMode
CreateRemoteThread
OpenFileMappingW
GetProcessTimes
ReadConsoleA
QueueUserAPC
GlobalMemoryStatusEx
FindAtomA
DeleteVolumeMountPointW
UnregisterWaitEx
InitializeCriticalSectionAndSpinCount
ExitThread
FillConsoleOutputCharacterA
SetProcessAffinityMask
SetEvent
GetAtomNameW
GetLastError
ClearCommError
WritePrivateProfileStructA
EnumLanguageGroupLocalesA
EnumDateFormatsExW
IsDBCSLeadByte
UnlockFile
WaitForSingleObject
SetComputerNameExA
SearchPathW
LoadLibraryExW
SetTapePosition
FindResourceW
GetComputerNameA
InterlockedExchange
GetCurrentDirectoryW
WriteConsoleInputA
QueryDosDeviceA
PeekConsoleInputA
GetLocaleInfoW
CreateMutexA
DosDateTimeToFileTime
DeleteFileA
GetStartupInfoW
AssignProcessToJobObject
AllocateUserPhysicalPages
GetPrivateProfileIntW
EnumResourceTypesA
GetPrivateProfileSectionW
GetVolumePathNameA
GetSystemDefaultLCID
SetVolumeMountPointA
ReadConsoleOutputW
GetModuleHandleW
Heap32First
SetThreadPriorityBoost
VerLanguageNameW
GetProfileSectionW
GetThreadLocale
CreateNamedPipeA
RemoveDirectoryA
WaitForMultipleObjectsEx
DeleteFiber
GetCurrentDirectoryA
GetFileSizeEx
ReleaseSemaphore
GetDefaultCommConfigA
GlobalFindAtomW
DeleteAtom
Process32First
lstrlenW
InterlockedExchangeAdd
InterlockedCompareExchange
IsDebuggerPresent
IsValidCodePage
OpenThread
SystemTimeToFileTime
GetSystemTimeAdjustment
FindFirstChangeNotificationA
GetVersion
GetCPInfoExA
_lread
GetModuleFileNameA
GetFileInformationByHandle
SetThreadIdealProcessor
IsBadStringPtrW
EnumSystemLocalesW
GetFileAttributesW
FlushViewOfFile
VirtualLock
GetVolumeNameForVolumeMountPointW
ScrollConsoleScreenBufferA
SignalObjectAndWait
SetTimerQueueTimer
LockFile
SetConsoleWindowInfo
SetPriorityClass
GetShortPathNameA
CreateJobObjectA
GetCommProperties
GetExitCodeProcess
HeapCreate
TerminateThread
lstrcat
Heap32ListNext
GetTapeStatus
GetMailslotInfo
FreeUserPhysicalPages
GetDriveTypeA
GetBinaryTypeW
GlobalUnfix
EnumLanguageGroupLocalesW
RaiseException
FreeLibrary
BindIoCompletionCallback
GetTempPathA
CopyFileA
AddConsoleAliasW
SetCommState
VirtualQuery
SetCalendarInfoW
AddAtomA
GetLogicalDrives
DefineDosDeviceW
lstrcpyn
GetDiskFreeSpaceExW
GetSystemDefaultLangID
GetWindowsDirectoryW
IsValidLanguageGroup
OpenJobObjectW
WideCharToMultiByte
CreateMailslotA
EnumSystemLanguageGroupsA
GetTimeFormatW
FreeConsole
GetNamedPipeHandleStateA
CompareFileTime
RequestDeviceWakeup
CreateTimerQueue
GetCurrentThread
SetMessageWaitingIndicator
GetPrivateProfileStringW
GetHandleInformation
FindNextVolumeW
FoldStringA
IsProcessorFeaturePresent
GetStringTypeExA
GetDriveTypeW
GetCurrentConsoleFont
AreFileApisANSI
ConnectNamedPipe
CommConfigDialogA
GlobalWire
GlobalMemoryStatus
RequestWakeupLatency
DeleteFileW
CreateDirectoryA
GetConsoleAliasesA
CreateProcessA
GetConsoleAliasExesLengthA
VirtualFreeEx
ChangeTimerQueueTimer
FileTimeToSystemTime
GetFileSize
OutputDebugStringA
BuildCommDCBW
GetConsoleAliasesLengthA
lstrcatA
FlushInstructionCache
QueryDosDeviceW
ReadConsoleOutputA
SetConsoleTitleA
CompareStringA
FindNextVolumeMountPointA
CompareStringW
FindClose
QueryPerformanceCounter
GetSystemWindowsDirectoryA
WinExec
lstrcpy
LocalCompact
GetTempFileNameA
RemoveDirectoryW
LeaveCriticalSection
GetPrivateProfileIntA
lstrcatW
Heap32Next
ExpandEnvironmentStringsA
AddConsoleAliasA
GetSystemInfo
GlobalUnWire
GetProcessHeap
Thread32Next
GetSystemTime
LocalFileTimeToFileTime
Module32FirstW
CancelTimerQueueTimer
GetDiskFreeSpaceA
SetComputerNameA
GlobalLock
GetStdHandle
GetOverlappedResult
Process32FirstW
EnumTimeFormatsA

user32

UnhookWindowsHookEx
RemoveMenu
GetKeyNameTextW
DefFrameProcA
CallMsgFilter
GetClipCursor
EnumWindows
MessageBoxExA
CreateCursor
GetDlgItemInt
SetWindowTextW
GetMenuStringA
SetSystemCursor
ClipCursor
DeregisterShellHookWindow
GetIconInfo
SetWindowLongW
IMPGetIMEW
SetUserObjectSecurity
GetWindowModuleFileNameW
EnumPropsExW
GetMenuItemID
CascadeWindows
GetScrollBarInfo
EnumPropsW
EnumDesktopWindows
IsDialogMessage
IsWindowVisible
DefDlgProcW
MapVirtualKeyW
SendDlgItemMessageW
SetWindowPos
MonitorFromPoint
CharPrevW
SetMenuDefaultItem
DdeQueryStringA
ModifyMenuW
ValidateRgn
CharToOemW
GetMonitorInfoW
VkKeyScanExW
GetMessageExtraInfo
DrawTextExA
PostMessageA
DdeCreateStringHandleA
InsertMenuItemA
IsCharAlphaNumericW
GetProcessDefaultLayout
GetWindowTextLengthA
DdeReconnect
CreateIconFromResourceEx
BeginDeferWindowPos
EnumDisplaySettingsExA
GetListBoxInfo
CallWindowProcA
CreateDialogParamA
CheckRadioButton
GetAltTabInfo
EnumThreadWindows
DdeImpersonateClient
ChildWindowFromPointEx
ShowCaret
DdePostAdvise
GetMenuItemRect
CallMsgFilterW
GetMenuItemInfoW
DialogBoxParamA
SendMessageCallbackW
ShowCursor
CloseClipboard
ModifyMenuA
GetWindowInfo
GetSystemMetrics
OemToCharBuffW
GetCapture
DdeAbandonTransaction
FlashWindowEx
WaitForInputIdle
ChangeClipboardChain
SendInput
WindowFromDC
HideCaret
GetKeyNameTextA
SetMessageQueue
InvalidateRgn
CharUpperBuffW
IsWindow
CopyAcceleratorTableW
GetClipboardData
LoadImageW
SendIMEMessageExA
ScrollWindow
GetClassLongW
WINNLSEnableIME
GetSysColor
PeekMessageA
GetWindowTextLengthW
DialogBoxIndirectParamA
SetMessageExtraInfo
EndTask
SetCursorPos
SetKeyboardState
AllowSetForegroundWindow
DrawFrame
GetKeyboardState
SystemParametersInfoW
IsCharLowerW
CountClipboardFormats
GetWindowTextA
CharUpperBuffA
IsWindowUnicode
RegisterShellHookWindow
ChangeDisplaySettingsExA
GetDlgItem
IsCharUpperA
CreateCaret
ExcludeUpdateRgn
CloseWindow
WinHelpA
LoadAcceleratorsW
GetPriorityClipboardFormat
RegisterHotKey
IsMenu
SetWindowsHookA
SetPropA
SetDeskWallpaper
MapVirtualKeyA
GetWindowRect
GetMenuBarInfo
DlgDirListComboBoxA
GetCaretPos
DrawEdge
OemKeyScan
MonitorFromRect
ToUnicode
GetMenuState
wsprintfW
AnimateWindow
IsZoomed
LoadCursorW
DdeNameService
SetMenuItemInfoA
DrawTextA
EnumDisplayDevicesW
SetWindowPlacement
EnumDisplaySettingsA
DefMDIChildProcW
TrackPopupMenu
EnableWindow
IMPSetIMEA
GetUpdateRect
DdeKeepStringHandle
ReleaseCapture
ActivateKeyboardLayout
GetKBCodePage
UnloadKeyboardLayout
CreateWindowStationA
CharUpperA
GetActiveWindow
EnumDisplayMonitors
WaitMessage
GetDialogBaseUnits
CreateDialogIndirectParamW
DdeSetQualityOfService
SystemParametersInfoA
EnumPropsA
LoadStringW
SetMenuItemInfoW
EnableScrollBar
ScrollDC
DdeFreeDataHandle
GetDCEx
DestroyCursor
UnregisterClassA
GetMessageA
AppendMenuA
OpenIcon
GetNextDlgTabItem
SetClassWord
RemovePropW
CopyImage
DrawIcon
DrawFrameControl
LoadIconA
PostQuitMessage
GetDesktopWindow
GetDlgCtrlID
SetScrollRange
GetMenuContextHelpId
GetAsyncKeyState
TrackMouseEvent
MoveWindow
GetWindowModuleFileNameA
DdeSetUserHandle
GetMenu
SetScrollPos
CharNextExA
GetAltTabInfoA
InsertMenuItemW
SendMessageTimeoutA
WindowFromPoint
GetCaretBlinkTime
GetMouseMovePointsEx
CharNextW
BeginPaint
SendNotifyMessageA
CallNextHookEx
LoadMenuIndirectW
LoadAcceleratorsA
GetLastActivePopup
GetScrollRange
GetClassWord
OpenWindowStationA
GetLastInputInfo
DdeInitializeA
DefWindowProcW
CharLowerBuffW
AttachThreadInput
ClientToScreen
CreateAcceleratorTableA
GetScrollPos
wvsprintfA
DdeAccessData
GetWindowModuleFileName
CharLowerA
SetLayeredWindowAttributes
DdeClientTransaction
TileChildWindows
RegisterDeviceNotificationW
HiliteMenuItem

advapi32

RegOpenKeyExW

oleaut32

VarUI4FromR8
VarI2FromUI2
VarBstrFromUI1
LPSAFEARRAY_UserUnmarshal
VariantClear
SetErrorInfo
VarUI1FromUI2
VarDecCmpR8
DispGetParam
VarCyMulI4
CreateStdDispatch
DispGetIDsOfNames
VarR8Pow
SafeArrayGetUBound
VarDateFromUI1
VarR8FromCy
VarUI1FromR4
VarR4FromUI1
VarI2FromDisp
VarI2FromR8
BSTR_UserMarshal
VarR4FromStr
VarMod
VarDateFromI4
VarR8FromI1
VarI2FromI1
VarBstrCat
VarUI2FromDisp
SafeArrayCreateVector
VarDecAdd
SafeArraySetRecordInfo
VarUI1FromUI4
VarDateFromR4
VarBoolFromUI1
SystemTimeToVariantTime
VarUI2FromBool
VarDateFromCy
VarI1FromDec
VarDecFromUI2
GetRecordInfoFromTypeInfo
SafeArrayGetVartype
VarCyFromUI4
VarCat
VarDecSu
VarDateFromStr
SafeArrayCreateEx
VarCyFromUI1
VarBoolFromI1
VarBstrFromR4
VarR4FromDate
VarCyFromR4
VarI2FromBool
VarBstrFromUI2
SafeArrayRedim
VarI4FromBool
VarI1FromI2
BSTR_UserSize
VarCyCmpR8
VarDateFromR8
SafeArrayPutElement
VarBoolFromUI4
VarDateFromDisp
VarR8FromDate
VarNot
GetActiveObject
VarBstrFromR8
VarBoolFromR8
UnRegisterTypeLi
VarUI4FromUI2
VarUI1FromI2
VarUI1FromI4
VarR4CmpR8
VarI1FromUI1
VarCyAdd
ClearCustData
VarMonthName
VarBstrFromDate
VariantChangeType
LPSAFEARRAY_UserFree
VarDateFromI1
VarI4FromI2
VarUI1FromR8
VarUI1FromStr
SafeArrayGetIID
VarPow
VarDateFromBool
SysAllocString
SafeArrayCreate
VarUI2FromUI4
VarBoolFromUI2
VarR8FromUI1
VarI1FromDate
VarR4FromDisp
VarBoolFromDate
VarDiv
VarUI2FromStr
VarFormat
VarCyFromDec
VarDateFromUdate
SafeArrayAllocDescriptor
VARIANT_UserMarshal
CreateErrorInfo
VarR8FromDec
VarUI4FromUI1
LPSAFEARRAY_Marshal
LPSAFEARRAY_UserSize
VarR8Round
OleLoadPicture
VarI4FromCy
RegisterActiveObject
OleLoadPictureEx
VarBoolFromCy
BstrFromVector
SafeArrayDestroy
VariantTimeToDosDateTime
VarFix
VarUI4FromI4
VarBstrFromI2
VarUI1FromDate
VarR4FromI4
VarBstrFromDec
VarUI2FromR4
VarUI1FromDec
VarI1FromUI2
VarDecFromCy
VarDecInt
OleLoadPicturePath
VarDecFromI2
RegisterTypeLi
VarCyFromR8
VarFormatPercent
VariantCopy
VarDateFromDec
VarCyFromUI2
VarCyFromBool
VarUI1FromI1
SafeArrayGetDim
VarDecFromUI1
VarImp
VarInt
VarSu
CreateDispTypeInfo
VarBstrFromBool
VarDateFromUdateEx
VarUI4FromStr
OleLoadPictureFileEx
VarCyCmp
VarDecFromR8
SafeArrayAccessData
VarBoolFromR4
VarI4FromDec
VarR8FromUI2
VarDecFromDate
VariantChangeTypeEx
VarI1FromStr
VarBoolFromStr
DispInvoke
VarUI2FromDec
VarDateFromUI2
LHashValOfNameSys
VarCmp
VarFormatCurrency
LoadRegTypeLi
VarDateFromI2
VarUI4FromR4
VariantCopyInd
SafeArrayDestroyData
OleCreatePropertyFrame
LPSAFEARRAY_Unmarshal
LHashValOfNameSysA
VarDecCmp
VarI4FromDisp
SafeArrayCreateVectorEx
VarI2FromI4
VARIANT_UserUnmarshal
QueryPathOfRegTypeLi
VarFormatNumber
VarUI4FromI2
VarAbs
VarNeg
VarBoolFromI4
VarUI1FromCy
VARIANT_UserFree
VarUdateFromDate
VarUI4FromBool
VarParseNumFromStr
VarCyMul
VarR4FromI1
VarDecAbs
VarI2FromCy
SysAllocStringByteLen
VarR4FromR8
OleTranslateColor
VarUI2FromCy
SafeArrayAllocData
OleCreateFontIndirect

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

n2
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b255d5a298ce12a5a65c1237826f2e1f

Code Sign

06:e2:bc:62:8e:28:f4:7d:b8:fd:0e:ea:7f:f3:37:50Certificate

Extended Key Usages

a9:fc:97:b8:a9:ad:88:ca:b3:f5:88:62:c2:01:c7:6e:3d:a4:1f:c3Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

Sections

.text Size: 6KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 15KB

n2 Size: 262KB - Virtual size: 262KB

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 3KB - Virtual size: 3KB

06:e2:bc:62:8e:28:f4:7d:b8:fd:0e:ea:7f:f3:37:50
Certificate

a9:fc:97:b8:a9:ad:88:ca:b3:f5:88:62:c2:01:c7:6e:3d:a4:1f:c3
Signer

.text
Size: 6KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 15KB

n2
Size: 262KB - Virtual size: 262KB

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 3KB - Virtual size: 3KB