12e3f40305bc2268385c1c4d920d6d47_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

12e3f40305bc2268385c1c4d920d6d47_JaffaCakes118
Size

42KB
MD5

12e3f40305bc2268385c1c4d920d6d47
SHA1

994a5f8a6291e4a939faa991da6802e0202a1390
SHA256

00d35d7b6f29596ab1881a426a166a0bcc9d29129585b5876bd5a17808d0b4b4
SHA512

f7167102c89219d9e296452e27d728606bf1a14f2c20a289061e48776f204ed3cc50fb20eeaec102880389276f631126457751103009267a7c3f3fa5c8cd6bed
SSDEEP

768:NQ7eUxuWiiNNz3zyAfJTgSeOgIDdvRvwgnZb03FSSAfAGB7oqWFzTM4:86KNhzyAfJzwIDZd903jAfT7oqWJY4

Score

1^/10

Malware Config

Signatures

Files

12e3f40305bc2268385c1c4d920d6d47_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d056a0bb86f4251ab78e4fdbe1c23103

Code Sign

32:55:6a:e7:08:f7:89:42:33:fa:ab:a7:fe:63:8f
Certificate

Issuer

CN=6XmQDBJNP1WEk5aaXy7X26PycWgFQQP9iWQJNY3bNKr9rvtY1nhW12QoE42bO4O6aKlm2Y4MUEarRsALXFZfkV9brHCPJoOSlKYMtKiCY4Txj8fgcbqfeVWKyCc3vnUBCTuu2AdhLyVYHZu8nyLKy2qXYf4I0h9LWCxdAUptL4x3kowdPU4BnikKyWzi8DAHvOhJ6ltfmb0eWVUGax7LZ5oOunVtiR7AidvdAUYuqYgIb8kFkfEulJCTsGHmfSyQ1IZAacBk3o1mykpRSKJ6TIAVkvkSrEotu4CbnGXQ0X3todGM6Q2ArSEWrMpfnbbAQht261E6CTa6V129Q3OAGiiBrbiI7Sgb3nmem4ijIbcQnvn1mrApjNrQkkrf5nKw0danhnX08dQcH1vateQ

Not Before

27/11/2012, 15:32

Not After

27/05/2013, 15:32

Subject

CN=6XmQDBJNP1WEk5aaXy7X26PycWgFQQP9iWQJNY3bNKr9rvtY1nhW12QoE42bO4O6aKlm2Y4MUEarRsALXFZfkV9brHCPJoOSlKYMtKiCY4Txj8fgcbqfeVWKyCc3vnUBCTuu2AdhLyVYHZu8nyLKy2qXYf4I0h9LWCxdAUptL4x3kowdPU4BnikKyWzi8DAHvOhJ6ltfmb0eWVUGax7LZ5oOunVtiR7AidvdAUYuqYgIb8kFkfEulJCTsGHmfSyQ1IZAacBk3o1mykpRSKJ6TIAVkvkSrEotu4CbnGXQ0X3todGM6Q2ArSEWrMpfnbbAQht261E6CTa6V129Q3OAGiiBrbiI7Sgb3nmem4ijIbcQnvn1mrApjNrQkkrf5nKw0danhnX08dQcH1vateQ

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

f9:80:2e:7b:ff:91:7c:94:54:bd:ac:1d:e1:37:9e:85:31:93:21:8f
Signer

Actual PE Digest

f9:80:2e:7b:ff:91:7c:94:54:bd:ac:1d:e1:37:9e:85:31:93:21:8f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateConsoleScreenBuffer
IsBadCodePtr
GetTempPathW
GetConsoleAliasW
WaitCommEvent
SetFileAttributesA
IsValidLanguageGroup
GlobalUnfix
Module32First
GetProcessTimes
FindVolumeMountPointClose
EnumDateFormatsA
MapUserPhysicalPagesScatter
GetConsoleAliasesLengthW
IsBadReadPtr
IsDBCSLeadByte
GetProfileSectionA
CompareStringA
GlobalReAlloc
SetVolumeLabelA
GetPrivateProfileSectionNamesA
GetLongPathNameW
CreateFileA
RtlZeroMemory
GetWindowsDirectoryA
WriteConsoleOutputA
IsSystemResumeAutomatic
GetTempFileNameW
ReplaceFileA
SetMessageWaitingIndicator
ReadConsoleOutputCharacterA
EnumResourceLanguagesW
GetOverlappedResult
SetProcessAffinityMask
ReadConsoleOutputA
HeapLock
VerLanguageNameW
ResetWriteWatch
GetConsoleAliasExesLengthA
VerifyVersionInfoW
AddAtomW
GetVolumeInformationA
DeleteTimerQueue
GetExitCodeProcess
OpenThread
GetSystemDefaultLangID
VerSetConditionMask
VirtualAllocEx
LocalCompact
SetLastError
GlobalGetAtomNameA
lstrcpyA
EnumDateFormatsExW
DeviceIoControl
GetModuleHandleW
_lwrite
BuildCommDCBA
EnumResourceTypesW
ScrollConsoleScreenBufferA
GetOEMCP
WriteProfileStringA
GetVolumeInformationW
DnsHostnameToComputerNameW
EnterCriticalSection
GetCurrentDirectoryA
GetConsoleAliasesA
QueueUserWorkItem
GetTapePosition
OpenFileMappingW
IsDebuggerPresent
PrepareTape
GetCommState
LoadLibraryExA
DosDateTimeToFileTime
InterlockedExchangeAdd
lstrcpy
SetCommConfig
CreateWaitableTimerA
OpenWaitableTimerW
SetThreadAffinityMask
GetProcessIoCounters
GetCurrentDirectoryW
SetConsoleTextAttribute
SwitchToFiber
SetFilePointer
UpdateResourceA
ExitThread
lstrcatA
MoveFileW
GlobalFlags
FindNextChangeNotification
Process32FirstW
GetThreadTimes
_lclose
CreateDirectoryExW
FlushViewOfFile
WriteProfileStringW
GetShortPathNameA
SetCalendarInfoA
GetLocalTime
GetProcessWorkingSetSize
CreateFiber
FillConsoleOutputCharacterW
GetTimeFormatW
LocalLock
SearchPathA
EnumUILanguagesW
DeleteTimerQueueEx
OpenWaitableTimerA
lstrcmpi
MoveFileWithProgressW
LocalShrink
EnumSystemLocalesA
GetPrivateProfileSectionNamesW
EnumCalendarInfoExW
SetTapeParameters
GetDiskFreeSpaceW
GetFileSizeEx
ReadConsoleA
MoveFileExA
WriteConsoleOutputCharacterA
SetTapePosition
GlobalSize
GetNumberFormatW
FreeLibrary
SetTimeZoneInformation
GetBinaryTypeA
BuildCommDCBAndTimeoutsA
GetCPInfoExW
DefineDosDeviceA
GetCompressedFileSizeW
lstrcpyW
GlobalFindAtomA
CreateFileMappingW
SetEndOfFile
GetShortPathNameW
GetConsoleAliasExesA
VirtualProtectEx
SetupComm
FreeUserPhysicalPages
lstrlenA
GetLocaleInfoA
ClearCommBreak
RtlUnwind
SetLocaleInfoW
GetCommProperties
FindClose
GetProcessHeap
FindFirstVolumeW
GlobalFree
SetConsoleTitleA
RtlMoveMemory
SetEnvironmentVariableA
GetAtomNameW
GetThreadSelectorEntry
GlobalWire
OpenSemaphoreW
DebugActiveProcess
GlobalUnlock
GetCommandLineA
DeleteCriticalSection
SetMailslotInfo
SetProcessShutdownParameters
GetLongPathNameA
FindAtomA
WritePrivateProfileStringA
CreateDirectoryExA
InterlockedIncrement
WinExec
WriteConsoleOutputAttribute
GetCurrentProcessId
TlsSetValue
LeaveCriticalSection
GetPrivateProfileSectionA
GetLocaleInfoW
SetConsoleActiveScreenBuffer
SetConsoleMode
ExpandEnvironmentStringsW
WriteConsoleInputW
EndUpdateResourceA
SetErrorMode
GetFileAttributesW
FindResourceExA
SetConsoleCursorPosition
GetConsoleFontSize
GlobalFindAtomW
MapUserPhysicalPages
LockResource
EraseTape
_llseek
LocalSize
GetVersion
AddConsoleAliasA
GlobalAddAtomA
SetLocalTime
EnumUILanguagesA
LocalAlloc
GlobalAlloc

user32

RegisterDeviceNotificationA
DrawStateW
SetCursorPos
SetClassWord
IMPQueryIMEW
DrawMenuBar
DrawTextW
GetWindowPlacement
DdeGetLastError
SwitchToThisWindow
PtInRect
ShowWindowAsync
PeekMessageW
FlashWindow
LoadBitmapA
RealGetWindowClassA
GetDialogBaseUnits
AdjustWindowRectEx
LoadImageW
DdeDisconnectList
EnumClipboardFormats
CopyIcon
CallWindowProcA
AnyPopup
DdeFreeStringHandle
DlgDirListA
ModifyMenuW
EndDeferWindowPos
MapDialogRect
DlgDirSelectComboBoxExW
DdeCmpStringHandles
GetClassInfoW
GetAltTabInfoA
GetMenuItemID
ClipCursor
GetQueueStatus
GetWindowLongW
GetMenuContextHelpId
RegisterWindowMessageW
SendDlgItemMessageA
GetKeyboardLayout
AppendMenuW
FindWindowExW
RemoveMenu
GetDlgItemTextW
SetCaretBlinkTime
EnumWindows
SetSysColors
AllowSetForegroundWindow
GetWindowWord
GetTitleBarInfo
SetUserObjectSecurity
GetWindowThreadProcessId
WINNLSEnableIME
IntersectRect
CheckMenuRadioItem
GetCursor
GetMenuItemRect
SetWindowWord
LoadCursorA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d056a0bb86f4251ab78e4fdbe1c23103

Code Sign

32:55:6a:e7:08:f7:89:42:33:fa:ab:a7:fe:63:8fCertificate

Extended Key Usages

f9:80:2e:7b:ff:91:7c:94:54:bd:ac:1d:e1:37:9e:85:31:93:21:8fSigner

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 28KB - Virtual size: 27KB

.data Size: 7KB - Virtual size: 7KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

32:55:6a:e7:08:f7:89:42:33:fa:ab:a7:fe:63:8f
Certificate

f9:80:2e:7b:ff:91:7c:94:54:bd:ac:1d:e1:37:9e:85:31:93:21:8f
Signer

.text
Size: 28KB - Virtual size: 27KB

.data
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB