11b1fe1ed71bd849023b73268fcc2423_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

11b1fe1ed71bd849023b73268fcc2423_JaffaCakes118
Size

141KB
MD5

11b1fe1ed71bd849023b73268fcc2423
SHA1

62d4a2cb411436f970333ebc515f787eada0c3e6
SHA256

eb6aede035b742f5c53eb3e587f5bd16917234aab17c45dbfca6f149fb2e2f42
SHA512

1be1a826decfbbd2ccb18be6454cf528c2cf46c8a5c4ce35b7a3b231e70ee84c9271d43ab2004df08026f46773b8ff6a13aaab98a976c5ef9fc77fd69bfc7d6e
SSDEEP

3072:VEgjtI/UnS7ECOeMJHHAllkA7CiRZqjX9u81t8jTLC5yOIk3:egjhcL9MJHgllkA7CiRZqZqDWIk3

Score

1^/10

Malware Config

Signatures

Files

11b1fe1ed71bd849023b73268fcc2423_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

ccc57c8d46970bc96e40ae07a02951d8

Code Sign

1e:66:44:82:57:2d:9f:42:8f:57:1e:30:73:ad:fa:1f
Certificate

Issuer

CN=Asert,OU=Asert,O=Asert,L=Origert,C=ER,1.2.840.113549.1.9.1=#0c0e61646d696e4041736572742e6572

Not Before

02/04/2012, 00:00

Not After

01/04/2013, 23:59

Subject

CN=Asert,OU=Asert,O=Asert,L=Origert,C=ER,1.2.840.113549.1.9.1=#0c0e61646d696e4041736572742e6572

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpA
lstrlenA
VirtualQuery
FindResourceExW
FindResourceW
LoadResource
GlobalAlloc
WideCharToMultiByte
SizeofResource
lstrcmpW
lstrlenW
GlobalFree
LockResource
GetModuleFileNameA
SetFilePointer
SetEndOfFile
GlobalLock
WriteFile
LoadLibraryW
GetFileAttributesW
ReadFile
GetModuleFileNameW
CreateFileW
MultiByteToWideChar
GlobalUnlock
GetLastError
GetProcAddress
InterlockedExchangeAdd
lstrcmpiW
lstrcatW
FindNextFileW
GetFileTime
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
lstrcpyW
lstrcpyA
LocalAlloc
FreeLibrary
InterlockedExchange
LoadLibraryA
RaiseException
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LCMapStringA
LCMapStringW
Sleep
ExitProcess
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
SetStdHandle
VirtualAlloc
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode

user32

CloseClipboard
SetTimer
GetTopWindow
GetParent
wsprintfA
wsprintfW
GetClassNameW
GetWindow
UnregisterClassA

Exports

Exports

DllRegisterServer
DllUnregisterServer
NSGetModule
NSModule

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccc57c8d46970bc96e40ae07a02951d8

Code Sign

1e:66:44:82:57:2d:9f:42:8f:57:1e:30:73:ad:fa:1fCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 8KB - Virtual size: 20KB

.reloc Size: 12KB - Virtual size: 10KB

1e:66:44:82:57:2d:9f:42:8f:57:1e:30:73:ad:fa:1f
Certificate

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 8KB - Virtual size: 20KB

.reloc
Size: 12KB - Virtual size: 10KB