1043fc54a1b63b8d1665a1637a18a0a3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1043fc54a1b63b8d1665a1637a18a0a3_JaffaCakes118
Size

141KB
MD5

1043fc54a1b63b8d1665a1637a18a0a3
SHA1

7cf4fd2da55a753748bf367757886e362b35ffff
SHA256

c8e00081cb6c6136d0daa284e63903a65dfb0683779d5a877b3c2f7180dd726a
SHA512

e2c605b7152943428e03d26f296e7e9d675ccc7a62343370d853624879c52b8e1b8ccb4d98ea78d8fb5249e9714435c02748e184b193f132e7d76ebf05da1783
SSDEEP

3072:l3XSQNT/8qzNIfUZ8NUZAyTvyX9u8st4DXMkC:FXSQFZHZ8NUZAyTvgrokC

Score

1^/10

Malware Config

Signatures

Files

1043fc54a1b63b8d1665a1637a18a0a3_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

ccc57c8d46970bc96e40ae07a02951d8

Code Sign

1e:66:44:82:57:2d:9f:42:8f:57:1e:30:73:ad:fa:1f
Certificate

Issuer

CN=Asert,OU=Asert,O=Asert,L=Origert,C=ER,1.2.840.113549.1.9.1=#0c0e61646d696e4041736572742e6572

Not Before

02/04/2012, 00:00

Not After

01/04/2013, 23:59

Subject

CN=Asert,OU=Asert,O=Asert,L=Origert,C=ER,1.2.840.113549.1.9.1=#0c0e61646d696e4041736572742e6572

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpA
lstrlenA
VirtualQuery
FindResourceExW
FindResourceW
LoadResource
GlobalAlloc
WideCharToMultiByte
SizeofResource
lstrcmpW
lstrlenW
GlobalFree
LockResource
GetModuleFileNameA
SetFilePointer
SetEndOfFile
GlobalLock
WriteFile
LoadLibraryW
GetFileAttributesW
ReadFile
GetModuleFileNameW
CreateFileW
MultiByteToWideChar
GlobalUnlock
GetLastError
GetProcAddress
InterlockedExchangeAdd
lstrcmpiW
lstrcatW
FindNextFileW
GetFileTime
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
lstrcpyW
lstrcpyA
LocalAlloc
FreeLibrary
InterlockedExchange
LoadLibraryA
RaiseException
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LCMapStringA
LCMapStringW
Sleep
ExitProcess
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
SetStdHandle
VirtualAlloc
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode

user32

CloseClipboard
SetTimer
GetTopWindow
GetParent
wsprintfA
wsprintfW
GetClassNameW
GetWindow
UnregisterClassA

Exports

Exports

DllRegisterServer
DllUnregisterServer
NSGetModule
NSModule

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccc57c8d46970bc96e40ae07a02951d8

Code Sign

1e:66:44:82:57:2d:9f:42:8f:57:1e:30:73:ad:fa:1fCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 8KB - Virtual size: 20KB

.reloc Size: 12KB - Virtual size: 10KB

1e:66:44:82:57:2d:9f:42:8f:57:1e:30:73:ad:fa:1f
Certificate

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 8KB - Virtual size: 20KB

.reloc
Size: 12KB - Virtual size: 10KB