12019ddc47c659a5b23d77131e12aabe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

12019ddc47c659a5b23d77131e12aabe_JaffaCakes118
Size

208KB
MD5

12019ddc47c659a5b23d77131e12aabe
SHA1

6c051ac49f3494a63b330e99e93c283822344f33
SHA256

d5cb971c046eab8bb98edba3758e0169e6aa2f0cd8dcf2d5b635d5d7b6b13902
SHA512

708d3c102e468c221d0ed7987a164726267576b7b96ce925c70200b74f4b14721c309065273f52950640cd652bb9ccbe8de62b43fe3b031906272283c4f51209
SSDEEP

6144:DENNBzSe7TtsRziJ5KOtMw7FeyttQg+s8JCPoZK:DENNpSampiZtjEyttQgJ8JCPo

Score

1^/10

Malware Config

Signatures

Files

12019ddc47c659a5b23d77131e12aabe_JaffaCakes118
.dll windows:5 windows x86 arch:x86

5871c7a87dd21577bcee04ed7f9dc55f

Code Sign

63:de:e7:d2:c4:07:e6:65:b5:95:d3:06:d6:56:3e:f8
Certificate

Issuer

CN=CKiGkXE9PDeM

Not Before

15/03/2012, 09:12

Not After

31/12/2039, 23:59

Subject

CN=CKiGkXE9PDeM

Extended Key Usages

ExtKeyUsageCodeSigning

6e:99:58:d4:11:a8:05:81:4d:9f:c1:9b:44:ea:be:20:34:80:2a:68
Signer

Actual PE Digest

6e:99:58:d4:11:a8:05:81:4d:9f:c1:9b:44:ea:be:20:34:80:2a:68

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CancelTimerQueueTimer
BackupSeek
AddAtomW
lstrcpyW
ConnectNamedPipe
lstrlenA
lstrcpyA
CreateFileA
ExitProcess
CopyFileA
CreateFileW
CreateMutexW
CreateToolhelp32Snapshot
DebugActiveProcess
DebugBreak
DeleteCriticalSection
DisconnectNamedPipe
DnsHostnameToComputerNameW
EnterCriticalSection
EnumDateFormatsA
EnumUILanguagesA
lstrcatW
WaitForSingleObject
WaitForDebugEvent
VirtualProtect
VirtualAllocEx
VerifyVersionInfoW
VerifyVersionInfoA
VerLanguageNameA
UpdateResourceW
TlsGetValue
SuspendThread
SleepEx
SignalObjectAndWait
SetTimerQueueTimer
SetThreadIdealProcessor
SetProcessPriorityBoost
SetFileAttributesA
SetDefaultCommConfigW
VirtualAlloc
SetConsoleMode
SetConsoleCP
SetComputerNameW
SetCommTimeouts
SetCommState
RtlFillMemory
ResetWriteWatch
RequestDeviceWakeup
ReplaceFileA
ReleaseMutex
OpenWaitableTimerA
OpenSemaphoreA
MultiByteToWideChar
Module32NextW
Module32Next
MapViewOfFileEx
LocalReAlloc
LocalLock
LocalHandle
LocalFlags
LoadLibraryExW
LoadLibraryExA
LCMapStringW
IsProcessorFeaturePresent
IsBadReadPtr
IsBadHugeWritePtr
InterlockedCompareExchange
InitAtomTable
HeapWalk
HeapLock
HeapCreate
HeapAlloc
GlobalUnfix
GlobalGetAtomNameA
GlobalFindAtomW
GetVolumePathNameW
GetVolumePathNameA
GetVersionExW
GetUserDefaultLCID
GetTempPathW
GetProcessHeaps
GetProcessHeap
GetPrivateProfileStructW
GetPrivateProfileSectionNamesW
GetPrivateProfileIntA
GetNumberOfConsoleMouseButtons
GetLocaleInfoW
GetEnvironmentVariableW
GetEnvironmentVariableA
GetEnvironmentStringsW
GetDiskFreeSpaceA
GetCurrentConsoleFont
GetConsoleOutputCP
GetCommandLineW
GetCommModemStatus
GetCommMask
FoldStringA
FindResourceExW
FindNextFileW
FindFirstChangeNotificationW
FindFirstChangeNotificationA
FindClose
FindAtomW
GetWindowsDirectoryA
FatalAppExitA

user32

wvsprintfA
mouse_event
keybd_event
WindowFromPoint
WindowFromDC
WINNLSGetIMEHotkey
UnpackDDElParam
TabbedTextOutA
SwitchDesktop
ShowOwnedPopups
ShowCaret
SetWindowRgn
SetWindowPos
SetWinEventHook
SetScrollPos
SetParent
SetForegroundWindow
SetClassLongW
SendMessageTimeoutW
SendMessageA
ScrollWindowEx
ScreenToClient
RemoveMenu
RealGetWindowClassA
RealGetWindowClass
PaintDesktop
NotifyWinEvent
LoadKeyboardLayoutW
LoadKeyboardLayoutA
LoadImageA
LoadBitmapA
IsMenu
IsIconic
IsDialogMessage
IsClipboardFormatAvailable
InvalidateRect
InflateRect
IMPSetIMEW
GetWindowTextLengthW
GetWindowPlacement
GetWindow
GetUserObjectInformationW
GetScrollPos
GetNextDlgTabItem
GetMessageA
GetKeyboardType
GetKeyState
GetKeyNameTextW
GetInputState
GetDlgItemTextW
GetDC
GetCursor
GetClipCursor
GetClassWord
GetClassLongW
GetClassInfoExA
GetCaretBlinkTime
GetCapture
FreeDDElParam
FindWindowExA
ExitWindowsEx
EnumThreadWindows
EnumPropsExA
EnumPropsA
EnumDesktopsW
EnableWindow
DrawTextW
DrawIcon
DrawEdge
DlgDirSelectComboBoxExW
DialogBoxParamW
DialogBoxParamA
DestroyIcon
DestroyCaret
DeferWindowPos
DdeInitializeA
CreateDialogIndirectParamA
CreateCursor
CountClipboardFormats
CopyImage
CopyAcceleratorTableA
CloseWindow
ChildWindowFromPoint
CharPrevW
CharLowerW
CharLowerA
CallMsgFilter
BlockInput
ArrangeIconicWindows
AppendMenuA
AnyPopup
AdjustWindowRect
GetWindowTextA

gdi32

EnumFontsA
EngMultiByteToUnicodeN
EngMarkBandingSurface
EngLockSurface
EngLoadModule
EngGetCurrentCodePage
EngDeleteSurface
EngCreateBitmap
EngComputeGlyphSet
EngAlphaBlend
EndFormPage
Ellipse
DeleteObject
CreatePolyPolygonRgn
CreatePen
CreateFontW
CreateFontA
CreateDiscardableBitmap
CreateDIBPatternBrush
CloseMetaFile
CheckColorsInGamut
CancelDC
CLIPOBJ_cEnumStart
BRUSHOBJ_pvAllocRbrush
EnumObjects
Escape
EudcLoadLinkW
ExtEscape
ExtTextOutA
ExtTextOutW
FONTOBJ_pxoGetXform
GdiAddFontResourceW
GdiAddGlsRecord
GdiConvertToDevmodeW
GdiDeleteLocalDC
GdiDeleteSpoolFileHandle
GdiDllInitialize
GdiEndPageEMF
GdiEntry8
GdiFixUpHandle
GdiGetPageCount
GdiGetSpoolFileHandle
GdiPlayScript
GdiQueryFonts
GdiRealizationInfo
GetBitmapBits
GetBoundsRect
GetBrushOrgEx
GetCharABCWidthsFloatW
GetCharABCWidthsI
GetCharacterPlacementA
GetDCPenColor
GetDeviceGammaRamp
GetEUDCTimeStampExW
GetEnhMetaFileDescriptionA
GetFontData
GetLogColorSpaceW
GetMetaFileBitsEx
GetNearestColor
GetNearestPaletteIndex
GetPixel
GetRelAbs
GetStockObject
GetTextCharsetInfo
GetTextColor
GetTextExtentExPointW
GetTextExtentPoint32A
GetTextExtentPointA
HT_Get8BPPMaskPalette
InvertRgn
MirrorRgn
MoveToEx
OffsetRgn
OffsetViewportOrgEx
OffsetWindowOrgEx
PATHOBJ_vEnumStartClipLines
PathToRegion
Pie
PlayEnhMetaFileRecord
PlgBlt
PolyPatBlt
PolyPolygon
QueryFontAssocStatus
RealizePalette
RemoveFontMemResourceEx
ResizePalette
STROBJ_bEnum
SaveDC
SetGraphicsMode
SetMapMode
SetPaletteEntries
SetROP2
SetTextColor
UnrealizeObject
EngStretchBltROP

comdlg32

ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
GetFileTitleW
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA
GetSaveFileNameW
PageSetupDlgA
PageSetupDlgW
PrintDlgA
PrintDlgExA
PrintDlgExW
ReplaceTextA
ReplaceTextW
GetOpenFileNameW

advapi32

RegOpenKeyW

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text3
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5871c7a87dd21577bcee04ed7f9dc55f

Code Sign

63:de:e7:d2:c4:07:e6:65:b5:95:d3:06:d6:56:3e:f8Certificate

Extended Key Usages

6e:99:58:d4:11:a8:05:81:4d:9f:c1:9b:44:ea:be:20:34:80:2a:68Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

Sections

.text Size: 193KB - Virtual size: 192KB

.data Size: 512B - Virtual size: 48B

.text4 Size: 1024B - Virtual size: 1000B

.text3 Size: 3KB - Virtual size: 2KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

63:de:e7:d2:c4:07:e6:65:b5:95:d3:06:d6:56:3e:f8
Certificate

6e:99:58:d4:11:a8:05:81:4d:9f:c1:9b:44:ea:be:20:34:80:2a:68
Signer

.text
Size: 193KB - Virtual size: 192KB

.data
Size: 512B - Virtual size: 48B

.text4
Size: 1024B - Virtual size: 1000B

.text3
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB