3818123c45d650d8f8df3abbdef41846_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3818123c45d650d8f8df3abbdef41846_JaffaCakes118
Size

200KB
MD5

3818123c45d650d8f8df3abbdef41846
SHA1

da2f8291e0d3eff080100791ed3d7ec352c62585
SHA256

d128ce75b1167811d29f3460902bd759d7b799b8b25734752157884f5242fd7f
SHA512

b2d771bf0fd02e2ef209839f799048ff1081aeacdfef5c44ed9e1e91b2c51ecae6555d1cfbde6f4427bf5917aa7918f1ff9ff21eeae16955a3b7696eccb7c57f
SSDEEP

3072:mqPgG75vyDw84HIG9mkgYjX7wT6XfFNImkch80qOlAPWdX45rx2I8OLjOBtx6YSE:Bm4Hx9mkgYj0T+y90K+Xm2ExYSTFy

Score

1^/10

Malware Config

Signatures

Files

3818123c45d650d8f8df3abbdef41846_JaffaCakes118
.dll windows:5 windows x86 arch:x86

ebe43362990fdea785ab8fc4d7ba7318

Code Sign

42:c1:0b:d5:f6:96:d8:4b:b7:00:27:f2:e7:fa:82:d1
Certificate

Issuer

CN=UXMnnEwBg7dRmHM

Not Before

08/04/2012, 09:02

Not After

31/12/2039, 23:59

Subject

CN=UXMnnEwBg7dRmHM

Extended Key Usages

ExtKeyUsageCodeSigning

9a:24:45:4a:1d:b2:70:18:45:d1:78:39:95:cf:1c:ee:e8:90:3d:9e
Signer

Actual PE Digest

9a:24:45:4a:1d:b2:70:18:45:d1:78:39:95:cf:1c:ee:e8:90:3d:9e

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

BeginUpdateResourceW
CallNamedPipeW
CancelWaitableTimer
ConvertThreadToFiber
CreateConsoleScreenBuffer
CreateDirectoryExW
CreateDirectoryW
CreateEventA
CreateMutexA
CreatePipe
CreateSemaphoreA
CreateSemaphoreW
DeleteCriticalSection
DeleteTimerQueueTimer
DeleteVolumeMountPointA
DeleteVolumeMountPointW
DnsHostnameToComputerNameA
DosDateTimeToFileTime
EndUpdateResourceA
EnumLanguageGroupLocalesA
EnumSystemCodePagesA
EnumSystemLocalesW
EnumTimeFormatsW
EraseTape
ExitThread
FatalAppExitA
FillConsoleOutputCharacterA
FlushViewOfFile
FreeConsole
FreeEnvironmentStringsW
FreeLibrary
FreeResource
FreeUserPhysicalPages
GetBinaryTypeA
GetCPInfoExW
GetCommTimeouts
GetCompressedFileSizeW
GetComputerNameA
GetDateFormatA
GetDefaultCommConfigW
GetDiskFreeSpaceA
GetDriveTypeW
GetFileTime
GetModuleHandleW
GetNumberOfConsoleInputEvents
GetOverlappedResult
GetPriorityClass
GetPrivateProfileSectionNamesA
GetProcessIoCounters
GetShortPathNameA
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTime
GetThreadPriorityBoost
GetTimeZoneInformation
GetVolumePathNameA
GetWindowsDirectoryA
Beep
GlobalUnlock
InterlockedCompareExchange
IsBadCodePtr
IsBadStringPtrW
LocalAlloc
LocalHandle
LocalLock
Module32Next
MulDiv
OpenEventW
OpenJobObjectA
OpenSemaphoreA
OpenThread
PulseEvent
PurgeComm
QueryDosDeviceW
ReplaceFile
RequestWakeupLatency
ResetEvent
ResumeThread
RtlZeroMemory
SetCommBreak
SetCommState
SetComputerNameA
SetConsoleCursorInfo
SetConsoleTitleA
SetCurrentDirectoryW
SetDefaultCommConfigA
SetEvent
SetFilePointerEx
SetLocaleInfoA
SetMailslotInfo
SetNamedPipeHandleState
SetSystemTime
SetThreadExecutionState
SetTimerQueueTimer
SetUnhandledExceptionFilter
SetVolumeMountPointA
SetWaitableTimer
TlsAlloc
UpdateResourceA
VirtualAllocEx
VirtualProtect
VirtualQueryEx
WaitForDebugEvent
WaitForSingleObject
WaitNamedPipeA
WriteConsoleInputA
WriteConsoleOutputA
WriteFileGather
WritePrivateProfileSectionA
_lclose
lstrcatA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
AllocConsole
AddConsoleAliasW
GlobalHandle
VirtualAlloc
IsDebuggerPresent

user32

ChangeDisplaySettingsA
ChangeDisplaySettingsExA
ChangeDisplaySettingsW
ChangeMenuA
CharLowerW
CharPrevW
CharToOemW
CharUpperBuffA
CheckDlgButton
CheckMenuItem
ChildWindowFromPoint
ClipCursor
CloseWindow
CloseWindowStation
CopyAcceleratorTableW
CopyIcon
CreateAcceleratorTableW
CreateCursor
CreateDesktopA
CreateDialogIndirectParamA
CreateDialogParamA
CreateDialogParamW
CreateIconFromResource
CreateIconIndirect
CreateWindowStationW
DdeAddData
DdeClientTransaction
DdeCreateDataHandle
DdeDisconnect
DdeEnableCallback
DdeFreeDataHandle
DdeGetData
DdeInitializeW
DdeKeepStringHandle
DdePostAdvise
DdeQueryConvInfo
DdeQueryNextServer
DdeQueryStringA
DdeReconnect
DdeSetUserHandle
DdeUnaccessData
DdeUninitialize
DefFrameProcA
DefWindowProcA
DefWindowProcW
DeregisterShellHookWindow
DestroyCaret
DestroyIcon
DestroyMenu
DialogBoxIndirectParamW
DialogBoxParamA
DialogBoxParamW
DlgDirSelectExA
DlgDirSelectExW
DragDetect
DragObject
DrawAnimatedRects
DrawCaption
DrawTextExA
ChangeClipboardChain
EmptyClipboard
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndDialog
EndMenu
EnumDesktopWindows
EnumDesktopsA
EnumDisplayDevicesA
EnumDisplaySettingsExA
EnumDisplaySettingsW
EnumPropsA
EnumPropsExW
EnumPropsW
EnumThreadWindows
EnumWindowStationsW
ExitWindowsEx
FindWindowExA
FindWindowExW
FreeDDElParam
GetActiveWindow
GetAltTabInfo
GetAltTabInfoW
GetAsyncKeyState
GetCapture
GetCaretPos
GetClassInfoA
GetClassNameA
GetClassWord
GetClipboardData
GetClipboardOwner
GetComboBoxInfo
GetCursor
GetDCEx
GetDesktopWindow
GetDialogBaseUnits
GetFocus
GetGUIThreadInfo
GetIconInfo
GetInputDesktop
GetInputState
GetKBCodePage
GetKeyNameTextW
GetKeyboardState
GetLastInputInfo
GetMenuBarInfo
GetMenuCheckMarkDimensions
GetMenuItemInfoA
GetMenuStringA
GetMessageExtraInfo
GetMessagePos
GetMonitorInfoW
GetNextDlgTabItem
GetOpenClipboardWindow
GetPriorityClipboardFormat
GetProcessWindowStation
GetPropW
GetQueueStatus
GetScrollBarInfo
GetSubMenu
GetSysColor
GetSystemMetrics
GetThreadDesktop
GetTitleBarInfo
GetTopWindow
GetUpdateRgn
GetUserObjectInformationA
GetWindow
GetWindowModuleFileNameA
GetWindowPlacement
GetWindowTextA
GetWindowTextW
GetWindowThreadProcessId
IMPGetIMEA
IMPGetIMEW
IMPQueryIMEA
IMPSetIMEW
InsertMenuW
InternalGetWindowText
InvalidateRect
InvalidateRgn
InvertRect
IsCharAlphaA
IsCharAlphaNumericW
IsCharLowerA
IsChild
IsDialogMessageA
IsDialogMessageW
IsHungAppWindow
IsIconic
KillTimer
LoadAcceleratorsW
LoadBitmapA
LoadBitmapW
LoadCursorW
LoadImageA
LoadKeyboardLayoutA
LoadMenuIndirectW
LoadMenuW
LoadStringA
LookupIconIdFromDirectory
LookupIconIdFromDirectoryEx
MapVirtualKeyExA
MapVirtualKeyExW
MessageBoxExA
MessageBoxExW
MessageBoxW
MoveWindow
MsgWaitForMultipleObjectsEx
OemKeyScan
OemToCharBuffA
OpenDesktopA
OpenDesktopW
OpenWindowStationW
PostMessageA
PostMessageW
PostThreadMessageA
RedrawWindow
RegisterClassExA
RegisterClipboardFormatA
RegisterHotKey
RegisterWindowMessageA
ReleaseDC
RemoveMenu
ReuseDDElParam
ScreenToClient
SendDlgItemMessageW
SendIMEMessageExW
SendInput
SendMessageA
SendMessageCallbackW
SetCapture
SetClassLongW
SetCursor
SetCursorPos
SetDeskWallpaper
SetLayeredWindowAttributes
SetMenu
SetProcessWindowStation
SetPropA
SetRectEmpty
SetScrollInfo
SetShellWindow
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowWord
SetWindowsHookExW
ShowCaret
ShowScrollBar
ShowWindow
ShowWindowAsync
SubtractRect
SwitchDesktop
SystemParametersInfoA
TabbedTextOutW
ToAscii
ToAsciiEx
TranslateAcceleratorA
TranslateMessage
UnhookWindowsHook
UnionRect
UnregisterDeviceNotification
UpdateLayeredWindow
UpdateWindow
UserHandleGrantAccess
ValidateRect
ValidateRgn
VkKeyScanExA
VkKeyScanW
WinHelpA
WindowFromDC
WindowFromPoint
keybd_event
CascadeChildWindows
CallWindowProcA
BroadcastSystemMessageA
BlockInput
AppendMenuA
AnyPopup
AdjustWindowRectEx
ActivateKeyboardLayout
DrawTextExW

gdi32

GetStockObject

advapi32

RegOpenKeyW

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 180KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ebe43362990fdea785ab8fc4d7ba7318

Code Sign

42:c1:0b:d5:f6:96:d8:4b:b7:00:27:f2:e7:fa:82:d1Certificate

Extended Key Usages

9a:24:45:4a:1d:b2:70:18:45:d1:78:39:95:cf:1c:ee:e8:90:3d:9eSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 180KB - Virtual size: 181KB

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 2KB - Virtual size: 2KB

42:c1:0b:d5:f6:96:d8:4b:b7:00:27:f2:e7:fa:82:d1
Certificate

9a:24:45:4a:1d:b2:70:18:45:d1:78:39:95:cf:1c:ee:e8:90:3d:9e
Signer

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 180KB - Virtual size: 181KB

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 2KB - Virtual size: 2KB