06f0ddcb45d7c67eb603f72d029f5cdf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

06f0ddcb45d7c67eb603f72d029f5cdf_JaffaCakes118
Size

70KB
MD5

06f0ddcb45d7c67eb603f72d029f5cdf
SHA1

85bc4995a5f36ee129c6be7a4bcf64413f7247d3
SHA256

9648bcb5e8ab63b7711b1387949c6a973df68f43689bb7116128308b653f3e16
SHA512

204ffa4708fdb521893ef8f163da8a7828ed8bfe3a4fa13a1ee1acee48e13e86135adbd9b4befb27456130b88d7e066e9549d12a899daf3b811f69239f94c167
SSDEEP

1536:HOXpn112bEXiJGV1PYumkMCxXY05QVRKBcr9qnK:HE1CENgumjC5YXRKBcWK

Score

1^/10

Malware Config

Signatures

Files

06f0ddcb45d7c67eb603f72d029f5cdf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c679075c18d274779aff6c72f9ce90ca

Code Sign

5a:9e:b3:65:ce:d2:dc:4a:b8:18:06:e0:1b:eb:e0:a1
Certificate

Issuer

CN=UD48SN2pZFYF

Not Before

13/03/2012, 06:18

Not After

31/12/2039, 23:59

Subject

CN=UD48SN2pZFYF

Extended Key Usages

ExtKeyUsageCodeSigning

8a:91:b1:40:c8:5e:a2:98:14:5a:bd:03:ed:bc:6a:ca:28:d7:9d:60
Signer

Actual PE Digest

8a:91:b1:40:c8:5e:a2:98:14:5a:bd:03:ed:bc:6a:ca:28:d7:9d:60

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
GetComputerNameA

user32

GetSysColorBrush
EndDeferWindowPos
CallWindowProcW
ActivateKeyboardLayout
DrawTextExA
ShowCaret
GetMenuCheckMarkDimensions
ScreenToClient
LoadMenuIndirectW
OemKeyScan
CheckMenuItem
DdeGetData
DdeKeepStringHandle
TrackPopupMenu
CascadeWindows
SetWindowTextW
GetKeyboardState
EndDialog
LoadCursorA
GetSystemMetrics
PostQuitMessage
DrawTextW
DdeQueryNextServer
ModifyMenuA
GetIconInfo
DdeUnaccessData
GetScrollRange
IsCharUpperW
ValidateRgn
DestroyWindow
GrayStringW
DestroyCursor
CharPrevW
ChangeDisplaySettingsExW
ReuseDDElParam
FindWindowA
RegisterHotKey
SetActiveWindow
GetCaretPos
ChildWindowFromPointEx
SetSystemCursor
IMPSetIMEW
SetUserObjectSecurity
ScrollWindowEx
ToAsciiEx
DefDlgProcA
SwapMouseButton
OemToCharA
GetWindowTextLengthA
SetProcessDefaultLayout
LookupIconIdFromDirectoryEx
SetDebugErrorLevel
IsWindowEnabled
SetRectEmpty
GetClipboardFormatNameA
CreateDialogParamA
GetDlgItemTextW
FlashWindow
MonitorFromRect
DlgDirSelectExA
GetWindow
IsClipboardFormatAvailable
DrawIcon
LoadStringA
SendMessageTimeoutA
CreateIconFromResourceEx
CreateIcon
RegisterClassExW
MessageBoxExW
CopyAcceleratorTableW
SetUserObjectInformationA
DeferWindowPos
CloseClipboard
IsRectEmpty
CreateWindowStationW
WINNLSEnableIME
DestroyIcon
ShowWindow
MessageBoxA
EnumWindowStationsW
OemToCharW
ModifyMenuW
GetKBCodePage
GetUserObjectInformationA
GetMenu
FindWindowExA
DlgDirListW
GrayStringA
InvertRect
SetPropW
BeginDeferWindowPos
LoadIconA

comdlg32

ChooseColorA
ReplaceTextA
PageSetupDlgW
ChooseFontA
PrintDlgA
GetSaveFileNameW
GetFileTitleA
GetOpenFileNameW
PrintDlgExA
PageSetupDlgA
PrintDlgExW
FindTextW
GetFileTitleW
ChooseFontW
FindTextA
ChooseColorW
GetSaveFileNameA
CommDlgExtendedError
ReplaceTextW
GetOpenFileNameA
PrintDlgW

advapi32

RegOpenKeyExA
RegQueryValueExA

shlwapi

PathFindSuffixArrayW
PathIsRootA
SHRegGetUSValueA
PathIsURLA
SHQueryInfoKeyA
SHRegDeleteUSValueA
StrCpyNW
wvnsprintfW
StrCmpNA
PathRemoveFileSpecA
SHRegEnumUSKeyA
UrlIsNoHistoryW
AssocQueryKeyA
PathGetCharTypeW
StrStrIW
PathIsURLW
SHStrDupA
SHRegSetUSValueA
PathIsUNCServerShareW
SHDeleteKeyA
UrlIsOpaqueW
StrCSpnA
PathCompactPathExW
PathIsUNCA
SHCreateShellPalette
SHGetThreadRef
PathFileExistsA
SHDeleteKeyW
StrFormatKBSizeW
PathUnExpandEnvStringsW
SHGetInverseCMAP
StrTrimA
PathIsDirectoryW
PathUnquoteSpacesW
wnsprintfA
SHCreateStreamOnFileA
StrNCatW
StrCmpNIW
SHSetValueA
PathStripToRootW
ColorHLSToRGB
AssocQueryStringByKeyA
PathCanonicalizeW
SHEnumKeyExW
StrRChrW
PathIsRootW
PathCompactPathA
SHRegQueryUSValueA
SHRegQueryInfoUSKeyW
StrChrIW
PathFindFileNameW
SHRegGetBoolUSValueW
PathIsContentTypeA
SHRegDeleteEmptyUSKeyW
SHOpenRegStreamA
PathCombineW
PathCompactPathExA
PathStripPathA
PathUnquoteSpacesA
StrStrW
PathRelativePathToW
PathIsDirectoryA
StrCmpW
PathIsSystemFolderW
PathIsRelativeW
StrToIntA
UrlCombineA
StrPBrkW
StrFromTimeIntervalW
PathParseIconLocationA
PathUndecorateW
StrCpyW
UrlCompareW
PathIsUNCServerShareA
ord16
AssocQueryStringByKeyW
SHQueryValueExW
PathIsSameRootW
StrRStrIW
SHStrDupW
SHRegSetPathW
StrRChrIW
SHRegOpenUSKeyW
PathRemoveBackslashA
UrlCanonicalizeA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.d2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d1
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c679075c18d274779aff6c72f9ce90ca

Code Sign

5a:9e:b3:65:ce:d2:dc:4a:b8:18:06:e0:1b:eb:e0:a1Certificate

Extended Key Usages

8a:91:b1:40:c8:5e:a2:98:14:5a:bd:03:ed:bc:6a:ca:28:d7:9d:60Signer

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shlwapi

Sections

.text Size: 3KB - Virtual size: 3KB

.d2 Size: 1024B - Virtual size: 1000B

.d1 Size: 41KB - Virtual size: 40KB

.data Size: 6KB - Virtual size: 5KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 1KB - Virtual size: 1KB

5a:9e:b3:65:ce:d2:dc:4a:b8:18:06:e0:1b:eb:e0:a1
Certificate

8a:91:b1:40:c8:5e:a2:98:14:5a:bd:03:ed:bc:6a:ca:28:d7:9d:60
Signer

.text
Size: 3KB - Virtual size: 3KB

.d2
Size: 1024B - Virtual size: 1000B

.d1
Size: 41KB - Virtual size: 40KB

.data
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 1KB - Virtual size: 1KB