031849afa136e8df3831cd2e4d50d45a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

031849afa136e8df3831cd2e4d50d45a_JaffaCakes118
Size

214KB
MD5

031849afa136e8df3831cd2e4d50d45a
SHA1

d2deef7befa9c7b262c15d3b30ca98211157171c
SHA256

9069f9cef97b15da2654be5351b00cce48201cef88ead2abeb78d0d51c7f147b
SHA512

6a1368648aae490a6f1aeac57af5f56cb9c983a499644d9865946a615e8128b034cf60940fbefb2b7e14bcc583f33cbdf20a2ad3e3b2213eb18d10c6f40fae30
SSDEEP

3072:jU+YetJPKb9B/bwFbHLnfgULDAI5Upp2RmT9OR7NnpuLecOW3XLSTWziObPCsQuc:twRbUDljU72RmTURVpuLecQW1o5

Score

1^/10

Malware Config

Signatures

Files

031849afa136e8df3831cd2e4d50d45a_JaffaCakes118
.dll windows:5 windows x86 arch:x86

e9bd40850e50e1be4fb6ddd1eeea5b50

Code Sign

02:7a:d4:db:0d:82:7a:49:bd:14:78:b8:6e:2a:7c:4e
Certificate

Issuer

CN=aset3tttt

Not Before

05/03/2012, 09:38

Not After

31/12/2039, 23:59

Subject

CN=aset3tttt

Extended Key Usages

ExtKeyUsageCodeSigning

91:77:85:31:b6:80:86:55:32:5c:5c:ba:42:31:88:c3:31:58:82:25
Signer

Actual PE Digest

91:77:85:31:b6:80:86:55:32:5c:5c:ba:42:31:88:c3:31:58:82:25

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
GetWindowsDirectoryA
ExitProcess
VirtualAlloc
BackupRead
BackupSeek
BeginUpdateResourceW
CallNamedPipeW
CancelDeviceWakeupRequest
ContinueDebugEvent
CopyFileExA
CreateDirectoryA
CreateDirectoryExA
CreateHardLinkW
CreateIoCompletionPort
CreateMailslotA
CreateMutexW
CreateProcessW
CreateWaitableTimerA
CreateWaitableTimerW
DeleteVolumeMountPointW
DnsHostnameToComputerNameW
EnumCalendarInfoW
EnumResourceNamesA
FileTimeToLocalFileTime
FillConsoleOutputCharacterA
FillConsoleOutputCharacterW
FindClose
FindFirstChangeNotificationW
FindFirstFileW
FindFirstVolumeA
FindResourceExW
FindVolumeMountPointClose
FlushFileBuffers
FlushInstructionCache
GetCPInfoExA
GetCalendarInfoA
GetCommConfig
GetCommMask
GetComputerNameW
GetCurrencyFormatA
GetCurrencyFormatW
GetEnvironmentStrings
GetModuleHandleA
GetNumberFormatA
GetProcessPriorityBoost
GetProfileIntW
GetStringTypeExA
lstrcpyA
GetSystemTime
GetSystemTimeAdjustment
GetVolumeInformationW
HeapWalk
IsBadReadPtr
IsDebuggerPresent
LoadLibraryA
LocalLock
Module32NextW
OpenJobObjectW
OpenMutexW
OutputDebugStringW
PeekConsoleInputW
PostQueuedCompletionStatus
QueryInformationJobObject
RaiseException
ReadConsoleOutputAttribute
ReadConsoleOutputCharacterA
SetCalendarInfoA
SetCalendarInfoW
SetCommConfig
SetComputerNameExW
SetConsoleActiveScreenBuffer
SetConsoleDisplayMode
SetConsoleTitleW
SetDefaultCommConfigA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesW
SetProcessAffinityMask
SetThreadContext
SetTimerQueueTimer
SuspendThread
Thread32First
TlsGetValue
TlsSetValue
UnregisterWait
VerSetConditionMask
VirtualUnlock
WaitForMultipleObjectsEx
WriteConsoleOutputCharacterW
WriteFileEx
WritePrivateProfileSectionA
WriteProcessMemory
WriteTapemark
lstrcat
lstrcmp
GetStringTypeW
CreateFileA

user32

SetPropW
SetUserObjectInformationW
SetWindowLongW
SetWindowRgn
SetWindowTextW
SetWindowsHookExA
ShowCursor
TabbedTextOutA
TileChildWindows
ToUnicode
TrackMouseEvent
TrackPopupMenu
UnhookWindowsHook
ValidateRgn
VkKeyScanExA
WINNLSGetIMEHotkey
WinHelpA
WinHelpW
WindowFromPoint
SetProcessDefaultLayout
SetDoubleClickTime
SetCaretBlinkTime
SendNotifyMessageW
ScrollWindowEx
RemovePropA
PostMessageW
PeekMessageW
PaintDesktop
MessageBoxExA
MapWindowPoints
MapVirtualKeyW
LoadKeyboardLayoutW
KillTimer
IsDlgButtonChecked
IsDialogMessage
InvalidateRect
InsertMenuItemW
InsertMenuItemA
InSendMessage
GetWindowTextA
GetUserObjectSecurity
GetScrollPos
GetParent
GetNextDlgGroupItem
GetMessageExtraInfo
GetMessageA
GetMenuBarInfo
GetKeyboardLayoutNameA
GetIconInfo
GetFocus
GetClipboardViewer
GetClipboardOwner
GetClassLongA
GetAltTabInfoA
ExcludeUpdateRgn
EnumPropsExW
EnumPropsA
EnumDisplaySettingsA
EnumDesktopsA
EnumDesktopWindows
EnableScrollBar
EmptyClipboard
DrawTextExW
DrawTextExA
DlgDirSelectComboBoxExW
DlgDirListComboBoxW
DialogBoxParamW
DestroyAcceleratorTable
DefFrameProcA
DefDlgProcA
DdeQueryNextServer
DdeGetLastError
DdeDisconnectList
DdeDisconnect
DdeCreateDataHandle
CreateCaret
CreateAcceleratorTableW
CloseDesktop
CloseClipboard
ClientToScreen
CheckMenuItem
CharToOemBuffW
CharPrevA
CharNextExA
CharLowerBuffA
CallWindowProcA
BroadcastSystemMessageW
AnimateWindow
EnumDisplayDevicesW

advapi32

RegOpenKeyExW

shell32

WOWShellExecute
Shell_NotifyIconW
Shell_NotifyIconA
Shell_NotifyIcon
ShellHookProc
ShellExecuteW
ShellExecuteExA
CheckEscapesW
DoEnvironmentSubstA
DoEnvironmentSubstW
DragAcceptFiles
DragFinish
DragQueryFile
DragQueryFileA
DragQueryFileAorW
DragQueryFileW
ExtractAssociatedIconExA
ExtractAssociatedIconExW
ExtractIconEx
ExtractIconExA
ExtractIconW
FindExecutableA
FindExecutableW
SHAddToRecentDocs
SHAppBarMessage
SHBrowseForFolder
SHBrowseForFolderA
ShellExecuteEx
SHBrowseForFolderW
SHCreateDirectoryExW
SHEmptyRecycleBinW
SHFileOperation
SHFileOperationA
SHFreeNameMappings
SHGetDataFromIDListA
SHGetDataFromIDListW
SHGetDiskFreeSpaceExA
SHGetDiskFreeSpaceExW
SHGetFileInfoW
SHGetFolderPathA
SHGetIconOverlayIndexA
SHGetIconOverlayIndexW
SHGetInstanceExplorer
SHGetPathFromIDList
SHGetPathFromIDListA
SHGetSettings
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHInvokePrinterCommandA
SHInvokePrinterCommandW
SHIsFileAvailableOffline
SHLoadInProc
SHLoadNonloadedIconOverlayIdentifiers
SHPathPrepareForWriteW
SHQueryRecycleBinA
SHQueryRecycleBinW
ShellAboutW

shlwapi

StrChrA
StrCmpNIW
StrCmpNW
StrRChrIA
StrRChrW
StrRStrIW
StrStrIA
StrStrW
StrStrIW

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9bd40850e50e1be4fb6ddd1eeea5b50

Code Sign

02:7a:d4:db:0d:82:7a:49:bd:14:78:b8:6e:2a:7c:4eCertificate

Extended Key Usages

91:77:85:31:b6:80:86:55:32:5c:5c:ba:42:31:88:c3:31:58:82:25Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 199KB - Virtual size: 199KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

02:7a:d4:db:0d:82:7a:49:bd:14:78:b8:6e:2a:7c:4e
Certificate

91:77:85:31:b6:80:86:55:32:5c:5c:ba:42:31:88:c3:31:58:82:25
Signer

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 199KB - Virtual size: 199KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB