fed32092acaa8f8849cbee0faa4495cd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fed32092acaa8f8849cbee0faa4495cd_JaffaCakes118
Size

290KB
MD5

fed32092acaa8f8849cbee0faa4495cd
SHA1

ff92fb138336e2384a5aaf667a0cae3f7242d2ec
SHA256

407e597ac018533d9833b2e94ace20b487ffbc26ec2028ac823a8ee7f6f3a07e
SHA512

5de7552536c58cc5750b587ad88d7e811ee51a84d0c6f5680e28fa90174b6a0b0b5e643a082464cd5d4ba9f80107c8a1f5909ba339fd9e358eafe7f7f2449cdf
SSDEEP

6144:eXmlvdqWLqOKl/B5RyaynzgvGq6JhW7FQgtm0DTAAb:eXm/zL4/B5YzFHOtmm

Score

1^/10

Malware Config

Signatures

Files

fed32092acaa8f8849cbee0faa4495cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

36cc86e9aa6615737205d7f9a5a076be

Code Sign

7f:f5:10:74:37:ce:c2:45:bb:be:0d:12:5f:95:2f:25
Certificate

Issuer

CN=2352323

Not Before

11/02/2012, 05:41

Not After

31/12/2039, 23:59

Subject

CN=2352323

Extended Key Usages

ExtKeyUsageCodeSigning

ef:58:52:ae:20:1e:83:b4:0f:ee:cf:fe:2b:80:62:c7:88:f8:79:a8
Signer

Actual PE Digest

ef:58:52:ae:20:1e:83:b4:0f:ee:cf:fe:2b:80:62:c7:88:f8:79:a8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
lstrlenA
lstrcpyA
CreateFileA

user32

AllowSetForegroundWindow
ReleaseCapture
CharLowerA
ClipCursor
wsprintfA
GetShellWindow
CharToOemA
GrayStringW
PeekMessageW
CreateMenu
DestroyIcon
DdeCmpStringHandles
ShowOwnedPopups
DdeQueryStringA
LoadKeyboardLayoutA
CopyAcceleratorTableA
IsCharAlphaNumericW
wvsprintfW
DrawEdge
DefMDIChildProcW
DdeQueryNextServer
GetCaretPos
DdeQueryConvInfo
DefDlgProcW
IsDialogMessage
MessageBeep
DefWindowProcA
CharUpperBuffW
GetCursorPos
FreeDDElParam
TranslateMDISysAccel
EnumDisplaySettingsW
WaitForInputIdle
DlgDirListComboBoxW
GetInputState
DragDetect
IsIconic
InsertMenuW
CreateCursor
SetMenuInfo
CopyAcceleratorTableW
CharNextA
EnumDisplaySettingsA
ScrollWindowEx
DefDlgProcA
CreateCaret
CopyRect
ChangeClipboardChain
GetWindowPlacement
GetWindowModuleFileName
GetWindowModuleFileNameW
SetPropW
GetPriorityClipboardFormat
GetWindowDC
CharPrevExA
PostThreadMessageW
GetClassWord
GetMessageW
TrackPopupMenu
GetMenuItemRect
UnionRect
DdeNameService
RegisterHotKey
UnhookWinEvent
IMPQueryIMEW
SetActiveWindow
GetProcessDefaultLayout
SendMessageCallbackA
KillTimer
MonitorFromRect
EnumDisplayDevicesW
GetNextDlgGroupItem
ToUnicode
FindWindowExW
DrawIcon
IsCharLowerW
CharUpperA
DdeFreeStringHandle
SetForegroundWindow
SetMessageQueue
RegisterClassW
OpenInputDesktop
SetPropA
BringWindowToTop
DialogBoxIndirectParamW
MessageBoxIndirectW
OemToCharW
MapVirtualKeyExA
SetUserObjectInformationA
TabbedTextOutA
GetLastInputInfo
GetFocus
CreateDialogParamA

comctl32

CreatePropertySheetPageA
InitMUILanguage
ImageList_SetImageCount
ImageList_SetBkColor
UninitializeFlatSB
ImageList_GetIconSize
ImageList_Remove
ImageList_DragLeave
ImageList_Create
ord15
ord2
ImageList_GetImageInfo
ord7
DrawStatusTextW
ord6
ImageList_Replace
ImageList_BeginDrag
ord16
ImageList_DragEnter
ImageList_Merge
ImageList_LoadImage
FlatSB_SetScrollProp
ImageList_DragShowNolock
ImageList_GetIcon
ImageList_SetOverlayImage
ImageList_GetBkColor
CreateStatusWindow
FlatSB_ShowScrollBar
FlatSB_GetScrollInfo
CreateToolbarEx
ImageList_Destroy
ImageList_Draw
ImageList_SetDragCursorImage
ImageList_DragMove
FlatSB_SetScrollInfo
ImageList_DrawIndirect
GetMUILanguage
FlatSB_GetScrollPos
ImageList_GetDragImage
FlatSB_SetScrollPos
_TrackMouseEvent
DrawStatusText
ImageList_Write
ord8
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_ReplaceIcon
ord3
FlatSB_GetScrollRange
CreatePropertySheetPageW
InitCommonControlsEx
CreatePropertySheetPage
CreateStatusWindowW

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textF3
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textF4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textF2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36cc86e9aa6615737205d7f9a5a076be

Code Sign

7f:f5:10:74:37:ce:c2:45:bb:be:0d:12:5f:95:2f:25Certificate

Extended Key Usages

ef:58:52:ae:20:1e:83:b4:0f:ee:cf:fe:2b:80:62:c7:88:f8:79:a8Signer

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 3KB - Virtual size: 2KB

.textF3 Size: 273KB - Virtual size: 273KB

.textF4 Size: 1KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.textF2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 852B

7f:f5:10:74:37:ce:c2:45:bb:be:0d:12:5f:95:2f:25
Certificate

ef:58:52:ae:20:1e:83:b4:0f:ee:cf:fe:2b:80:62:c7:88:f8:79:a8
Signer

.text
Size: 3KB - Virtual size: 2KB

.textF3
Size: 273KB - Virtual size: 273KB

.textF4
Size: 1KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.textF2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 852B