37fc7c859791e466a48c8a7469e3fccb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

37fc7c859791e466a48c8a7469e3fccb_JaffaCakes118
Size

277KB
MD5

37fc7c859791e466a48c8a7469e3fccb
SHA1

47d8254479808199493274e07ac48dc7ad40c961
SHA256

d2fce468a8b084e4cbb16bced3ed970ab1eb845aa52c5197f807767bafa6d211
SHA512

a743919d110a2be0cada17fa130569eacd9bdc388f79c76ae77d8c9d5fc5814927c64ed1244823e1d6106aa950ce1272f6d940c7a36d70a5f1d5ad2a29f9b022
SSDEEP

6144:bGxvBCitKxofjsAwQaEexIgdNptjxn5u6FbY0R:bGxvBgxoreQXJW7bn5u6FbX

Score

1^/10

Malware Config

Signatures

Files

37fc7c859791e466a48c8a7469e3fccb_JaffaCakes118
.dll windows:5 windows x86 arch:x86

1485a3c41464586313be493802e56161

Code Sign

23:5d:a6:d5:62:45:27:ac:4d:78:92:49:64:c0:e4:70
Certificate

Issuer

CN=nHyf1yTMeGbZX4U

Not Before

13/04/2012, 11:21

Not After

31/12/2039, 23:59

Subject

CN=nHyf1yTMeGbZX4U

Extended Key Usages

ExtKeyUsageCodeSigning

1b:51:8a:74:b9:57:9a:fe:97:0b:2d:9a:15:29:31:e9:67:ab:22:bc
Signer

Actual PE Digest

1b:51:8a:74:b9:57:9a:fe:97:0b:2d:9a:15:29:31:e9:67:ab:22:bc

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnumSystemLocalesW
EnumTimeFormatsA
ExpandEnvironmentStringsW
FindAtomA
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstVolumeMountPointW
FindNextFileA
FindNextFileW
FindNextVolumeA
FindNextVolumeMountPointA
FindResourceExW
FlushFileBuffers
FoldStringA
FormatMessageA
FreeLibrary
GenerateConsoleCtrlEvent
GetCPInfoExW
GetCalendarInfoA
GetCalendarInfoW
GetCommandLineA
GetConsoleAliasA
GetConsoleCP
GetConsoleDisplayMode
GetConsoleTitleW
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExA
GetFileType
GetOEMCP
GetPrivateProfileStringW
GetProfileIntA
GetProfileStringW
GetQueuedCompletionStatus
GetShortPathNameW
GetStringTypeW
GetSystemTimeAdjustment
GetSystemWindowsDirectoryW
GetTempPathA
GetTempPathW
GetTimeZoneInformation
GetVolumePathNameA
GlobalAlloc
GlobalFindAtomA
GlobalFindAtomW
GlobalFix
GlobalFlags
GlobalHandle
GlobalUnWire
GlobalUnlock
GlobalWire
Heap32First
Heap32ListNext
Heap32Next
InitAtomTable
IsBadHugeWritePtr
IsDBCSLeadByte
IsDebuggerPresent
LoadLibraryA
EnumResourceNamesA
LocalShrink
LocalSize
MapUserPhysicalPagesScatter
Module32First
MoveFileExA
MoveFileWithProgressA
OpenEventW
OpenSemaphoreA
OpenWaitableTimerW
OutputDebugStringW
PostQueuedCompletionStatus
Process32Next
PurgeComm
QueueUserAPC
QueueUserWorkItem
ReadConsoleOutputAttribute
ReadProcessMemory
ReleaseMutex
ResetWriteWatch
ResumeThread
SetCalendarInfoW
SetComputerNameExW
SetComputerNameW
SetConsoleTitleA
SetCurrentDirectoryA
SetEvent
SetFileApisToANSI
SetFileApisToOEM
SetLocalTime
SetProcessAffinityMask
SetSystemTimeAdjustment
SetTapeParameters
SetTapePosition
SetThreadExecutionState
SetThreadLocale
SetWaitableTimer
SetupComm
SwitchToThread
TerminateJobObject
TerminateThread
TlsGetValue
TryEnterCriticalSection
UpdateResourceA
VirtualProtect
WaitCommEvent
WaitForMultipleObjectsEx
WaitForSingleObjectEx
WriteConsoleOutputW
WritePrivateProfileStringW
WriteProcessMemory
_llseek
lstrcmp
lstrcmpiA
lstrcpynA
lstrcpynW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
EnumResourceLanguagesW
EnumDateFormatsA
EnumCalendarInfoA
EndUpdateResourceA
DisconnectNamedPipe
DeleteFileW
DeleteCriticalSection
CreateToolhelp32Snapshot
CreateThread
CreateTapePartition
CreateMutexW
CreateMutexA
ConnectNamedPipe
CancelDeviceWakeupRequest
BuildCommDCBA
BackupWrite
AddAtomW
AddAtomA
VirtualAllocEx
DosDateTimeToFileTime
GetWindowsDirectoryA
lstrcatA
LoadResource
CreateFileA
SetUnhandledExceptionFilter

user32

CloseWindowStation
CharPrevW
CopyRect
ChangeDisplaySettingsExA
CallWindowProcW
CallMsgFilterA
CountClipboardFormats
CreateIconFromResourceEx
CreateWindowStationW
DdeConnectList
DdeGetLastError
DdeImpersonateClient
DdeNameService
DdeQueryConvInfo
DdeQueryStringA
DefDlgProcA
DefMDIChildProcA
DeleteMenu
DestroyIcon
DispatchMessageA
DispatchMessageW
DlgDirListA
DlgDirListComboBoxW
WinHelpW
ValidateRect
UnregisterDeviceNotification
UnpackDDElParam
UnhookWindowsHookEx
TranslateMDISysAccel
TrackPopupMenuEx
ToUnicode
TileChildWindows
SystemParametersInfoA
SetWindowsHookExW
SetWindowsHookExA
SetWindowTextW
SetWindowTextA
SetWinEventHook
SetUserObjectInformationW
SetScrollPos
SetPropA
SetProcessDefaultLayout
SetMenu
SetDlgItemTextW
SetDeskWallpaper
SetDebugErrorLevel
SetClassWord
SetCaretPos
SetActiveWindow
SendNotifyMessageW
SendDlgItemMessageA
RegisterWindowMessageW
RegisterDeviceNotificationA
RegisterClipboardFormatW
PostThreadMessageA
PostMessageA
PeekMessageA
OpenWindowStationW
OpenClipboard
OemToCharA
ModifyMenuA
MessageBoxIndirectA
MessageBoxExW
MessageBeep
MenuItemFromPoint
MapVirtualKeyExW
LockWindowUpdate
LockSetForegroundWindow
LoadStringW
LoadMenuW
LoadMenuIndirectW
LoadMenuIndirectA
LoadKeyboardLayoutA
IsWindowVisible
InvalidateRgn
InvalidateRect
IntersectRect
InsertMenuItemW
InSendMessage
IMPGetIMEW
HiliteMenuItem
GetWindowThreadProcessId
DlgDirSelectExW
GetWindowTextA
GetWindowModuleFileNameA
GetWindowLongW
GetWindowContextHelpId
GetWindow
GetUpdateRgn
GetUpdateRect
GetScrollPos
GetPropW
GetProcessWindowStation
GetProcessDefaultLayout
GetMenuItemInfoW
GetMenuItemID
GetMenuContextHelpId
GetLastActivePopup
GetKeyboardType
GetKeyboardLayout
GetInputState
GetGUIThreadInfo
GetDoubleClickTime
GetDlgItemInt
GetDlgItem
GetDialogBaseUnits
GetCursor
GetClipboardOwner
GetClipCursor
GetClientRect
GetClassWord
GetClassNameW
GetCaretPos
GetCaretBlinkTime
GetAncestor
FreeDDElParam
EnumWindows
EnumThreadWindows
EnumPropsExW
EnumDisplaySettingsExA
EnumDisplayMonitors
EnumDisplayDevicesW
EnumDisplayDevicesA
EnumDesktopWindows
EndDeferWindowPos
EnableScrollBar
EnableMenuItem
DrawFocusRect
DrawCaption
CharLowerBuffA
DragDetect
BroadcastSystemMessageW
BroadcastSystemMessageA
BeginDeferWindowPos
AppendMenuA
GetWindowTextLengthA

comdlg32

ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
GetFileTitleW
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
ChooseFontA
PageSetupDlgA
PageSetupDlgW
PrintDlgA
PrintDlgExA
PrintDlgExW
PrintDlgW
ReplaceTextA
ReplaceTextW
GetSaveFileNameW
ChooseColorA
ChooseColorW

advapi32

RegOpenKeyExW

oleaut32

VariantTimeToDosDateTime
VariantCopyInd
VariantChangeTypeEx
VariantChangeType
VarUI4FromUI2
VarUI4FromI2
VarUI4FromDisp
VarUI4FromDec
VarUI4FromBool
VarUI2FromR8
VarUI2FromR4
VarUI2FromI2
VarUI2FromDec
VarUI2FromDate
VarUI2FromCy
VarUI1FromI2
VarUI1FromDec
VarUI1FromBool
VarTokenizeFormatString
VarRound
VarR8FromI1
VarR8FromDec
VarR8FromBool
VarR4FromUI4
VarR4FromUI2
VarR4FromUI1
VarR4FromR8
VarR4FromI4
VarR4FromI2
VarR4FromI1
VarR4FromDec
VarOr
VarMod
VarImp
VarI4FromUI4
VarI4FromUI2
VarI4FromStr
VarI4FromDisp
VarI4FromBool
VarI2FromUI1
VarI2FromStr
VarI2FromR8
VarI2FromDisp
VarI1FromUI4
VarI1FromI2
VarI1FromDec
VarI1FromBool
VarFormatPercent
VarFormatNumber
VarFormatFromTokens
VarFormatDateTime
VarFormatCurrency
VarDiv
VarDecNeg
VarDecFromUI2
VarDecFromStr
VarDecFromI4
VarDecFromI2
VarDecFromDate
VarDecFromCy
VarDecFix
VarDecCmp
VarDateFromUdate
VarDateFromUI4
VarDateFromUI1
VarDateFromStr
VarDateFromR8
VarDateFromI2
VarDateFromDec
VarCyNeg
VarCyMul
VarCyInt
VarCyFromStr
VarCyFromI1
VarCyFromDec
VarCyFromDate
VarCyCmp
VarCyAdd
VarCyAbs
VarCmp
VarCat
VarBstrFromUI4
VarBstrFromUI2
VarBstrFromI4
VarBstrFromI2
VarBstrFromI1
VarBstrFromCy
VarBoolFromUI4
VarBoolFromR8
VarBoolFromDisp
VarBoolFromDec
VarBoolFromDate
VarAbs
VARIANT_UserFree
SysStringByteLen
SysReAllocStringLen
SysAllocStringLen
SafeArrayPutElement
SafeArrayGetVartype
SafeArrayGetElement
SafeArrayGetDim
SafeArrayDestroy
SafeArrayCreateVectorEx
SafeArrayAllocDescriptor
SafeArrayAllocData
RegisterActiveObject
QueryPathOfRegTypeLi
OleLoadPicturePath
OleLoadPicture
OleIconToCursor
OleCreatePropertyFrameIndirect
OleCreateFontIndirect
OaBuildVersion
OACreateTypeLib2
LPSAFEARRAY_UserUnmarshal
LPSAFEARRAY_UserSize
LPSAFEARRAY_Size
GetAltMonthNames
GetActiveObject
DosDateTimeToVariantTime
DispGetParam
BstrFromVector
BSTR_UserSize
BSTR_UserFree
VariantTimeToSystemTime

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.d2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.d3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1485a3c41464586313be493802e56161

Code Sign

23:5d:a6:d5:62:45:27:ac:4d:78:92:49:64:c0:e4:70Certificate

Extended Key Usages

1b:51:8a:74:b9:57:9a:fe:97:0b:2d:9a:15:29:31:e9:67:ab:22:bcSigner

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

oleaut32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 254KB - Virtual size: 254KB

.d2 Size: 1024B - Virtual size: 1000B

.d3 Size: 1024B - Virtual size: 1000B

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 3KB - Virtual size: 3KB

23:5d:a6:d5:62:45:27:ac:4d:78:92:49:64:c0:e4:70
Certificate

1b:51:8a:74:b9:57:9a:fe:97:0b:2d:9a:15:29:31:e9:67:ab:22:bc
Signer

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 254KB - Virtual size: 254KB

.d2
Size: 1024B - Virtual size: 1000B

.d3
Size: 1024B - Virtual size: 1000B

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 3KB - Virtual size: 3KB