30aaf1aeecbf1ff2e04e67ae5f334ba2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

30aaf1aeecbf1ff2e04e67ae5f334ba2_JaffaCakes118
Size

268KB
MD5

30aaf1aeecbf1ff2e04e67ae5f334ba2
SHA1

758898d56e581f13dc84323891c43557afd13fd7
SHA256

68c6b0e372bdb46b6697253b77bdd26286f9424f33fd51d9ab780ec2112ee9b4
SHA512

c33f6fa12b545437e8e86dcc3479f21ac80448ba719ca3a7eebe901de27ab876e6e86f2dcdd2ffea1c7fe1c84f2152d70c8377eda84e825cf11554c7787cf716
SSDEEP

6144:80qKCrLJIg/szNP8csQl5E9qmczvhUwecPg1gCEZEC:8hKCZH/sCK5ftc6EC

Score

1^/10

Malware Config

Signatures

Files

30aaf1aeecbf1ff2e04e67ae5f334ba2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cb7e7989198eddc02d5bba0bebe5b2c3

Code Sign

69:02:bc:c2:9f:6d:3e:bd:48:b9:fb:fb:01:75:aa:fe
Certificate

Issuer

CN=L6Djr44bWml8Xg2K5m8uDjOvTguR4eCUQaJuf6849ZoYBIzyZTQzkQPcNq13E9J3Gc9aoIqj1fQRxfVM12aYYNJSD2FEpdBmuTXggatBPq18ROsCOULKH6WyIjTEFz1RqUyVG5CfXMqleNiU9DH575HOqsoblNsfLLAs5wUaLrWbLXm9KaglpvYY7yauRTfOLTZhnUhYErIwbwltqpZ3gxwYfCt2aeuyKDYY2alZ3I9lG1JJXaNSTKUqewRoJA271g5k2wz7r8UQ2tNme7NE67syz5diCcyMWT2dVFaUir1kvjyu7Tpn9ZihLZAFkCswVDUIKF8FajIhUiQUv1laPbicnSpxXUYUqq5372hfBiwlBFi3nSzkyS8vYima8t7fQ98B6E8ccThht4fZFPnkaFi6aCoRX8CrHzZTnO4Jzu54StSvp7iM6zYvzeJc9753wpQD8ecKnmjNOmbXCQ9riYeVSlVOR3NkPfaD42sJjHCIIyOto53feJPdM8MBSZVafzGVqIvS4CXhBjlHMMngT2oQ2Cnvson5nNrFZeP1p7z2Zg34XOPJRvf2mM4Hn7MjPgKa4SGC77WGXuZy5Vl3cdxyzvvvXoEGk8dSuq6RYqSa6r2SkN9KuzdUvxDm7UdJyzGsCZSxSNquwZNnU1LzRrXd1zDSbKvCgBlFmaE7EPWQTqJ372Zl15hgXc2R6ojbebAraRMGd66Cqq1ydhT788quiSzelIfSe7bTWup2u1KiN4Cbv2Q1UGs1W4k4R1ER6a6ifLuAsW7xiRkUnuupEcdzU1CCdYIWJZC14TKr7aGcGIEnbMIM8xizdW5ipIlyZbjCXtGktNcdiVWQlULLF167R1AD3LgNPb1R2tACCWGKVejgiN6a7jNSWclnf2XsdmQAShwpDAu61IBcvhuVQwmiArMmCOIV5ZfRFHkoCBcGrVwUu5YbMavnUAEDnRAkvjQP4XCULKG8CNulMQTao7KN6nZnclqlwmFSjEQ2eL9bzFLZX7QkDJqWls7UjJOncaVv7NaoefYLKil7CmJf1IzNRnzKv3duFCalKPzl1FXWdO1znVIEzc62VBfx5BKn4xce4AMSSu4YwMmTT5frSHBXQwh5PbqnzF68minD8YzdLbIiSZ4F4dxzVn6laUWxpAgavBDU5q5dzmgz4LbwI26txlrrVqSuMRkCUyGH8TqF78ReamSn3UhX4xgEAFwBZVgVvCnzFuJq3DfsZELKI4PYVVQp43XOl7fIKEoP97rvCvS2ntGjXZl9zrLiQk4NaFNHDV9o1Dd4AH2q9vLSzI6GtQP3YJtQNLHOH8SPLN2rcEKMbnrtMBfxaSbAYRCTEs16YkBqXib6i9QRpzpdtqFfaacXWIKyaI5N51517FbGdpV7KxEoWo245cyotJP6Mqwh75ScQpPYP4oBdBru75NQupeeIIEqZlf4IPnaMSgVy8o7LZk6ovd92ar1mUK9lbqR5YEMzpQEk4S2sQ8YI5iaoGJqzXuslvyvUDEzSafoCFApmeW5zCPIh8Ui7TYhBQm1tj4Irfpzqd1Yz4bsXlplox3Cfa89JASwwVl4ZFxLhmt7efvmqTocwTwyLCBfo4qmmPK4klbIe92PtvRc3iU6r3Xp1xSretBZQLkTf66hT3xPwxvtpYVvZMjDPAdgXXg3kRRnzFnvpVDszUVWFN7z2LLQCOCRlxAkHGZUeElBp5IGT7Vrt2X4rAQQjJT58aYJqa5F4DEV5b2cMxBY2jKr8KiyleDn8EcorHho22cYajvhyuiK4IwN5Eb3HzeUbMcye2wv7ccqSXVTxaD5OI7TeAQAVsNu8diBQmy8io6534PH8Eys7b99CLSy32jxTt38PfRXBLGVWUyXIZgvfqZCjkdwDLsbo4hQgFJq6qY8sdbBM7f356P1khZcPBJazl7DM4eySkkVV6BeMOf1ZlDKOxIrfQpUrBYwvdd53mhOh6v5dQkxUC8PUW5j4gzw11yGajilMiLnV8j4

Not Before

10/10/2012, 16:56

Not After

31/12/2039, 23:59

Subject

CN=L6Djr44bWml8Xg2K5m8uDjOvTguR4eCUQaJuf6849ZoYBIzyZTQzkQPcNq13E9J3Gc9aoIqj1fQRxfVM12aYYNJSD2FEpdBmuTXggatBPq18ROsCOULKH6WyIjTEFz1RqUyVG5CfXMqleNiU9DH575HOqsoblNsfLLAs5wUaLrWbLXm9KaglpvYY7yauRTfOLTZhnUhYErIwbwltqpZ3gxwYfCt2aeuyKDYY2alZ3I9lG1JJXaNSTKUqewRoJA271g5k2wz7r8UQ2tNme7NE67syz5diCcyMWT2dVFaUir1kvjyu7Tpn9ZihLZAFkCswVDUIKF8FajIhUiQUv1laPbicnSpxXUYUqq5372hfBiwlBFi3nSzkyS8vYima8t7fQ98B6E8ccThht4fZFPnkaFi6aCoRX8CrHzZTnO4Jzu54StSvp7iM6zYvzeJc9753wpQD8ecKnmjNOmbXCQ9riYeVSlVOR3NkPfaD42sJjHCIIyOto53feJPdM8MBSZVafzGVqIvS4CXhBjlHMMngT2oQ2Cnvson5nNrFZeP1p7z2Zg34XOPJRvf2mM4Hn7MjPgKa4SGC77WGXuZy5Vl3cdxyzvvvXoEGk8dSuq6RYqSa6r2SkN9KuzdUvxDm7UdJyzGsCZSxSNquwZNnU1LzRrXd1zDSbKvCgBlFmaE7EPWQTqJ372Zl15hgXc2R6ojbebAraRMGd66Cqq1ydhT788quiSzelIfSe7bTWup2u1KiN4Cbv2Q1UGs1W4k4R1ER6a6ifLuAsW7xiRkUnuupEcdzU1CCdYIWJZC14TKr7aGcGIEnbMIM8xizdW5ipIlyZbjCXtGktNcdiVWQlULLF167R1AD3LgNPb1R2tACCWGKVejgiN6a7jNSWclnf2XsdmQAShwpDAu61IBcvhuVQwmiArMmCOIV5ZfRFHkoCBcGrVwUu5YbMavnUAEDnRAkvjQP4XCULKG8CNulMQTao7KN6nZnclqlwmFSjEQ2eL9bzFLZX7QkDJqWls7UjJOncaVv7NaoefYLKil7CmJf1IzNRnzKv3duFCalKPzl1FXWdO1znVIEzc62VBfx5BKn4xce4AMSSu4YwMmTT5frSHBXQwh5PbqnzF68minD8YzdLbIiSZ4F4dxzVn6laUWxpAgavBDU5q5dzmgz4LbwI26txlrrVqSuMRkCUyGH8TqF78ReamSn3UhX4xgEAFwBZVgVvCnzFuJq3DfsZELKI4PYVVQp43XOl7fIKEoP97rvCvS2ntGjXZl9zrLiQk4NaFNHDV9o1Dd4AH2q9vLSzI6GtQP3YJtQNLHOH8SPLN2rcEKMbnrtMBfxaSbAYRCTEs16YkBqXib6i9QRpzpdtqFfaacXWIKyaI5N51517FbGdpV7KxEoWo245cyotJP6Mqwh75ScQpPYP4oBdBru75NQupeeIIEqZlf4IPnaMSgVy8o7LZk6ovd92ar1mUK9lbqR5YEMzpQEk4S2sQ8YI5iaoGJqzXuslvyvUDEzSafoCFApmeW5zCPIh8Ui7TYhBQm1tj4Irfpzqd1Yz4bsXlplox3Cfa89JASwwVl4ZFxLhmt7efvmqTocwTwyLCBfo4qmmPK4klbIe92PtvRc3iU6r3Xp1xSretBZQLkTf66hT3xPwxvtpYVvZMjDPAdgXXg3kRRnzFnvpVDszUVWFN7z2LLQCOCRlxAkHGZUeElBp5IGT7Vrt2X4rAQQjJT58aYJqa5F4DEV5b2cMxBY2jKr8KiyleDn8EcorHho22cYajvhyuiK4IwN5Eb3HzeUbMcye2wv7ccqSXVTxaD5OI7TeAQAVsNu8diBQmy8io6534PH8Eys7b99CLSy32jxTt38PfRXBLGVWUyXIZgvfqZCjkdwDLsbo4hQgFJq6qY8sdbBM7f356P1khZcPBJazl7DM4eySkkVV6BeMOf1ZlDKOxIrfQpUrBYwvdd53mhOh6v5dQkxUC8PUW5j4gzw11yGajilMiLnV8j4

Extended Key Usages

ExtKeyUsageCodeSigning

1d:73:a5:af:fc:8a:f5:39:c6:94:96:00:04:d5:73:bb:1c:b9:79:de
Signer

Actual PE Digest

1d:73:a5:af:fc:8a:f5:39:c6:94:96:00:04:d5:73:bb:1c:b9:79:de

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadTimes
GetVersionExA
HeapAlloc
HeapFree
HeapReAlloc
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalAlloc
LocalFree
MultiByteToWideChar
OpenProcess
ReleaseMutex
GetStartupInfoW
SetPriorityClass
SetProcessAffinityMask
SetProcessShutdownParameters
TerminateProcess
VerifyVersionInfoW
VirtualAlloc
VirtualFree
WaitForSingleObject
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW
GetProcessHeap
GetProcessAffinityMask
GetPriorityClass
GetNumberFormatW
GetModuleHandleW
GetLocaleInfoW
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCommandLineW
FreeLibrary
FormatMessageW
ExitProcess
EnterCriticalSection
DeleteCriticalSection
CreateThread
CreateProcessW
CreateMutexW
CreateEventW
GetSystemDirectoryW
lstrcatW
CreateFileW
GetModuleHandleA
GetProcAddress
SetFilePointer
lstrlenA
WriteFile
GetTempPathA
lstrcatA
CreateFileA
SetEvent
CloseHandle

user32

GetDC
GetDCEx
GetDesktopWindow
GetDialogBaseUnits
GetDlgItem
GetForegroundWindow
GetGuiResources
GetClassInfoW
GetLastActivePopup
GetMenu
GetMenuItemInfoW
GetMessageW
GetProcessWindowStation
GetShellWindow
GetSubMenu
GetSysColor
GetSystemMetrics
GetThreadDesktop
GetUpdateRgn
GetWindow
GetWindowLongA
GetWindowLongW
GetWindowRect
GetWindowThreadProcessId
InternalGetWindowText
InvalidateRect
IsDialogMessageW
IsDlgButtonChecked
IsHungAppWindow
IsIconic
IsWindow
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsW
LoadIconW
LoadImageW
LoadMenuW
LoadStringW
MapWindowPoints
MessageBeep
MessageBoxW
MonitorFromRect
MoveWindow
OpenDesktopW
OpenIcon
OpenWindowStationW
PostMessageW
PostQuitMessage
PostThreadMessageW
RegisterClassW
RegisterWindowMessageW
GetCursorPos
RemoveMenu
SendMessageTimeoutW
SendMessageW
SetFocus
SetForegroundWindow
SetMenu
SetMenuDefaultItem
SetProcessWindowStation
SetThreadDesktop
SetTimer
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
ShowWindowAsync
SwitchToThisWindow
SystemParametersInfoW
TileWindows
TrackPopupMenuEx
TranslateAcceleratorW
TranslateMessage
UpdateWindow
wsprintfW
GetAsyncKeyState
FindWindowW
FillRect
EnumWindows
EnumWindowStationsW
EnumDesktopsW
EndTask
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableMenuItem
DrawEdge
DispatchMessageW
DialogBoxParamW
DestroyWindow
DestroyMenu
DestroyIcon
DeleteMenu
DeferWindowPos
DefWindowProcW
CreateDialogParamW
CloseWindowStation
CloseDesktop
CheckMenuRadioItem
CheckMenuItem
CheckDlgButton
CharLowerBuffW
GetClientRect
ReleaseDC
GetClassLongW
CascadeWindows
CallWindowProcW
BeginPaint
BeginDeferWindowPos
AllowSetForegroundWindow
GetKeyState

gdi32

SelectObject
Rectangle
MoveToEx
LineTo
GetStockObject
GetDeviceCaps
FillRgn
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
CombineRgn
SetRectRgn
BitBlt

advapi32

RegQueryValueExW
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegOpenKeyExA
RegSetValueExW
RegOpenKeyW
RegQueryValueExA
RegOpenKeyExW

shell32

Shell_NotifyIconW
ShellAboutW

comctl32

ImageList_Create
ImageList_Remove
ImageList_ReplaceIcon
CreateStatusWindowW
ImageList_SetIconSize

Sections

.text
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb7e7989198eddc02d5bba0bebe5b2c3

Code Sign

69:02:bc:c2:9f:6d:3e:bd:48:b9:fb:fb:01:75:aa:feCertificate

Extended Key Usages

1d:73:a5:af:fc:8a:f5:39:c6:94:96:00:04:d5:73:bb:1c:b9:79:deSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

Sections

.text Size: 240KB - Virtual size: 239KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 476B

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

69:02:bc:c2:9f:6d:3e:bd:48:b9:fb:fb:01:75:aa:fe
Certificate

1d:73:a5:af:fc:8a:f5:39:c6:94:96:00:04:d5:73:bb:1c:b9:79:de
Signer

.text
Size: 240KB - Virtual size: 239KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 476B

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB