fe6d853a9863c7530baa49859c0a6bbb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fe6d853a9863c7530baa49859c0a6bbb_JaffaCakes118
Size

38KB
MD5

fe6d853a9863c7530baa49859c0a6bbb
SHA1

69fe334d91cb1a9d0f6e4ea3d1e0fda95a244d87
SHA256

eeba94dd02ca9f3651ab3bee4e727dc37a9028b2e0c73e5bdaf3a2b3d057ee87
SHA512

69852944c75dd048e56c5706797096fa455aaa1be4951807539146c173b2bb551a37abb35aff2e607ec48921e15a651b5927f0b88daf6eaaad48fc31828a603d
SSDEEP

384:JS6nfkIcBEOS3S6nfFqVnKf676QPbMTZURYeY92O4YqXPFQvp6QRJfsSMc7/UNi/:JSoMIkMSo567V0ZUq7QYeM7x37gm9xD

Score

1^/10

Malware Config

Signatures

Files

fe6d853a9863c7530baa49859c0a6bbb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fdaa62fe5b152b6cdece8750091c2783

Code Sign

05:0c:40:50:6f:37:df:50:b8:e6:f5:24:da:1f:3c:91
Certificate

Issuer

CN=UUyaSQIX3ckC1Iw

Not Before

19/03/2012, 17:20

Not After

31/12/2039, 23:59

Subject

CN=UUyaSQIX3ckC1Iw

Extended Key Usages

ExtKeyUsageCodeSigning

d4:b3:fc:eb:9c:4b:58:b1:41:b1:b8:d5:4c:60:29:36:30:07:5d:0d
Signer

Actual PE Digest

d4:b3:fc:eb:9c:4b:58:b1:41:b1:b8:d5:4c:60:29:36:30:07:5d:0d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrlenW
lstrcpyW
CreateFileW
GetModuleHandleA
GetProcAddress
ExitProcess

user32

FlashWindowEx
EnumThreadWindows
EndPaint
EndDeferWindowPos
DrawTextExA
DrawStateW
DrawFrameControl
DrawFrame
DrawFocusRect
DlgDirSelectComboBoxExW
DialogBoxIndirectParamW
DefWindowProcW
DefDlgProcW
DdeQueryNextServer
DdeDisconnect
DdeConnect
DdeAccessData
DdeAbandonTransaction
CreateWindowExW
CreateIconIndirect
CreateIcon
CreateAcceleratorTableA
CopyRect
CopyAcceleratorTableW
CopyAcceleratorTableA
CloseClipboard
CharUpperBuffW
CharToOemW
CharToOemBuffW
CharNextW
ChangeDisplaySettingsA
CallWindowProcW
CallWindowProcA
BlockInput
AppendMenuA
GetSystemMenu
EnableMenuItem
GetAltTabInfoW
GetCaretPos
GetClassInfoW
GetClassNameA
GetClientRect
GetClipboardData
GetClipboardOwner
GetClipboardSequenceNumber
GetDC
GetDlgCtrlID
GetDlgItemInt
GetInputState
GetKeyNameTextA
GetKeyboardLayoutNameW
GetMenuStringW
GetMessagePos
GetOpenClipboardWindow
GetPropA
GetSysColorBrush
GetWindowDC
GetWindowWord
InSendMessageEx
InsertMenuA
IntersectRect
IsRectEmpty
IsWindowEnabled
KillTimer
LoadCursorFromFileW
LoadMenuA
MapWindowPoints
MessageBoxW
ModifyMenuA
MsgWaitForMultipleObjects
PeekMessageA
PostThreadMessageA
RegisterDeviceNotificationA
RegisterWindowMessageW
ScreenToClient
SendIMEMessageExA
SendMessageTimeoutW
SetClassLongW
SetClipboardData
SetDlgItemTextW
SetForegroundWindow
SetLayeredWindowAttributes
SetRectEmpty
SetSysColors
wsprintfA
VkKeyScanExW
VkKeyScanExA
UnloadKeyboardLayout
SwitchDesktop
SubtractRect
ShowCursor
SetWindowsHookExW
SetWindowPlacement
SetUserObjectInformationW

gdi32

CloseFigure
AddFontResourceW
CreateDCA
CreateDIBPatternBrushPt
CreateEllipticRgn
CopyMetaFileW
ChoosePixelFormat
GetTextExtentExPointW
UpdateICMRegKeyA
StretchDIBits
SetWindowExtEx
SetTextAlign
SetRectRgn
SetPixelFormat
SetPixel
SetPaletteEntries
SetMapMode
SetColorSpace
SetBrushOrgEx
STROBJ_vEnumStart
RestoreDC
PolylineTo
PolyTextOutA
PolyPolygon
PlayMetaFileRecord
PlayEnhMetaFile
Pie
PathToRegion
PATHOBJ_bEnum
ModifyWorldTransform
HT_Get8BPPFormatPalette
GetWorldTransform
GetTextMetricsA
GetTextExtentPoint32W
CreateEnhMetaFileW
GetTextExtentExPointA
GetRandomRgn
GetMiterLimit
GetMapMode
GetKerningPairsA
GetFontData
GetEUDCTimeStamp
GetDeviceCaps
GetDIBits
GetCharacterPlacementW
GetCharacterPlacementA
GetCharABCWidthsI
GetCharABCWidthsA
GetBrushOrgEx
GetBoundsRect
GetAspectRatioFilterEx
GetArcDirection
GdiValidateHandle
GdiSetBatchLimit
GdiQueryTable
GdiPlayPrivatePageEMF
GdiIsPlayMetafileDC
GdiGetDevmodeForPage
GdiFullscreenControl
GdiEntry4
GdiEntry16
GdiEntry11
GdiEndDocEMF
GdiConvertRegion
GdiConvertBitmap
GdiComment
GdiAlphaBlend
GdiAddGlsRecord
GdiAddFontResourceW
FlattenPath
FixBrushOrgEx
FONTOBJ_cGetAllGlyphHandles
ExtCreatePen
Escape
EnumICMProfilesA
EnumFontFamiliesExW
EngReleaseSemaphore
EngMultiByteToWideChar
EngGradientFill
EngFindResource
EngDeleteSemaphore
EngCheckAbort
Ellipse
DeleteMetaFile
CreateSolidBrush
CreateRectRgn
CreatePalette
CreateMetaFileA
CreateHalftonePalette
CreateFontIndirectW
AbortPath

advapi32

RegOpenKeyW

shell32

SHGetFolderPathW
Shell_NotifyIconW
Shell_NotifyIcon
ShellExecuteW
ShellExecuteExW
ShellExecuteExA
ShellExecuteA
SHQueryRecycleBinA
SHPathPrepareForWriteW
SHPathPrepareForWriteA
SHLoadNonloadedIconOverlayIdentifiers
CommandLineToArgvW
DoEnvironmentSubstW
DragQueryFile
DragQueryFileA
DragQueryFileAorW
DragQueryFileW
DragQueryPoint
ExtractAssociatedIconA
ExtractAssociatedIconExW
FindExecutableW
SHAddToRecentDocs
SHBrowseForFolder
SHBrowseForFolderA
SHCreateDirectoryExA
SHCreateProcessAsUserW
SHEmptyRecycleBinA
SHEmptyRecycleBinW
SHFileOperation
SHFileOperationA
SHGetDataFromIDListW
SHGetDesktopFolder
SHGetDiskFreeSpaceExW
SHGetFileInfoW
SHGetFolderPathA
SHIsFileAvailableOffline
SHGetIconOverlayIndexW
SHGetMalloc
SHGetPathFromIDList
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSettings
SHGetSpecialFolderLocation
SHInvokePrinterCommandA
SHInvokePrinterCommandW
WOWShellExecute

ole32

CoInitializeEx
CoInstall
CoIsHandlerConnected
CoMarshalInterThreadInterfaceInStream
CoMarshalInterface
CoRegisterMallocSpy
CoReleaseServerProcess
CoResumeClassObjects
CoRevokeClassObject
CoRevokeMallocSpy
CoSetProxyBlanket
CoTaskMemFree
CoUnloadingWOW
CreateDataCache
CreateGenericComposite
CreatePointerMoniker
CreateStreamOnHGlobal
DcomChannelSetHResult
FmtIdToPropStgName
GetHGlobalFromILockBytes
GetHookInterface
GetRunningObjectTable
HACCEL_UserFree
HACCEL_UserMarshal
HBITMAP_UserSize
HDC_UserUnmarshal
HGLOBAL_UserSize
HICON_UserMarshal
HICON_UserUnmarshal
HMENU_UserFree
HMENU_UserUnmarshal
HMETAFILEPICT_UserSize
HMETAFILEPICT_UserUnmarshal
IsEqualGUID
MkParseDisplayName
OleCreateEmbeddingHelper
OleCreateFromDataEx
OleCreateLink
OleCreateLinkFromDataEx
OleCreateLinkToFileEx
OleDoAutoConvert
OleDuplicateData
OleFlushClipboard
OleGetIconOfFile
OleInitializeWOW
OleMetafilePictFromIconAndLabel
OleNoteObjectVisible
OleRun
OleTranslateAccelerator
OleUninitialize
PropVariantClear
ReadOleStg
ReadStringStream
ReleaseStgMedium
SNB_UserSize
STGMEDIUM_UserMarshal
StgCreateDocfile
StgCreatePropSetStg
StgGetIFillLockBytesOnFile
StgIsStorageILockBytes
StgOpenStorage
StgOpenStorageOnILockBytes
StgSetTimes
UtConvertDvtd32toDvtd16
UtGetDvtd16Info
WdtpInterfacePointer_UserFree
WriteFmtUserTypeStg
WriteOleStg
CoImpersonateClient
CoGetInstanceFromIStorage
CoGetCurrentLogicalThreadId
CoFreeUnusedLibraries
CoFreeAllLibraries
CoDisableCallCancellation
CoCreateObjectInContext
CLSIDFromString
CLIPFORMAT_UserFree
BindMoniker
CoCreateInstance

shlwapi

StrChrA
StrChrIA
StrCmpNA
StrCmpNIA
StrCmpNW
StrRChrA
StrRChrIA
StrRChrIW
StrRStrIA
StrStrIW

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fff2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fff
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fdaa62fe5b152b6cdece8750091c2783

Code Sign

05:0c:40:50:6f:37:df:50:b8:e6:f5:24:da:1f:3c:91Certificate

Extended Key Usages

d4:b3:fc:eb:9c:4b:58:b1:41:b1:b8:d5:4c:60:29:36:30:07:5d:0dSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 216B

.fff2 Size: 1024B - Virtual size: 1000B

.fff Size: 13KB - Virtual size: 13KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 2KB - Virtual size: 1KB

05:0c:40:50:6f:37:df:50:b8:e6:f5:24:da:1f:3c:91
Certificate

d4:b3:fc:eb:9c:4b:58:b1:41:b1:b8:d5:4c:60:29:36:30:07:5d:0d
Signer

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 216B

.fff2
Size: 1024B - Virtual size: 1000B

.fff
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 2KB - Virtual size: 1KB