3cebceb4356de549349c2e8b9243b05d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3cebceb4356de549349c2e8b9243b05d_JaffaCakes118
Size

386KB
MD5

3cebceb4356de549349c2e8b9243b05d
SHA1

8f974d02ed6650611fd0af42d3f896f6be41fab5
SHA256

89c9cf0b52a91eec1802127503f412a038ba28134d6c4518050cbc33e73a0aff
SHA512

3851e18f2a7701683ab92bb608c515b35d2c8c95adeee3289cc5a03ea50de5f091c3e6a8b3800e4364f1a98214d1d4b7bfeab444e3a5437ad9d7894efa66fae6
SSDEEP

6144:USL9zP2pvXadDtpxQrjjMzghg6OE38iyqsKj64yv:UShKi7xQ7Mz6/p7j64U

Score

1^/10

Malware Config

Signatures

Files

3cebceb4356de549349c2e8b9243b05d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

74853b7d86b2dc051f12c34e5e19dc68

Code Sign

3a:db:3d:b1:a9:03:4e:45:b8:41:47:0b:ed:13:f0:d1
Certificate

Issuer

CN=7Tltl41ROBKK

Not Before

17/03/2012, 06:09

Not After

31/12/2039, 23:59

Subject

CN=7Tltl41ROBKK

Extended Key Usages

ExtKeyUsageCodeSigning

22:b2:a9:bb:15:f0:50:5f:66:13:71:fe:f8:f5:70:7d:4e:cd:8a:6c
Signer

Actual PE Digest

22:b2:a9:bb:15:f0:50:5f:66:13:71:fe:f8:f5:70:7d:4e:cd:8a:6c

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
GetLogicalDriveStringsA
LoadLibraryW
FindFirstVolumeMountPointA
UpdateResourceA
GetProcessTimes
CopyFileExW
CreateProcessA
WinExec
lstrcmpiA
GetHandleInformation
FreeUserPhysicalPages
WriteConsoleInputA
CreateJobObjectA
ChangeTimerQueueTimer
MoveFileWithProgressA
HeapFree
FoldStringW
lstrcmpW
GetProcessAffinityMask
GetSystemTimeAsFileTime
ProcessIdToSessionId
EnumDateFormatsExA
GetCurrentProcess
SwitchToThread
GetCommModemStatus
ResetEvent
GetSystemInfo
lstrcatA
RtlUnwind
SetConsoleCursorPosition
GetVolumeInformationA
AddAtomW
GetMailslotInfo
EnumUILanguagesA
SetConsoleCP
HeapDestroy
WaitForDebugEvent
SetConsoleWindowInfo
GetProcessIoCounters
BuildCommDCBW
GetWindowsDirectoryW
CopyFileW
GetCommProperties
WritePrivateProfileStructW
ScrollConsoleScreenBufferW
TlsSetValue
GetThreadSelectorEntry
InitAtomTable
GetConsoleCursorInfo
MoveFileExW
ExpandEnvironmentStringsA
GetACP
GlobalUnfix
SetProcessWorkingSetSize
VerLanguageNameW
CreateIoCompletionPort
ContinueDebugEvent
GetCalendarInfoA
CompareStringA
ReadConsoleOutputCharacterA
WriteTapemark
WriteConsoleOutputA
SetEnvironmentVariableA
UnhandledExceptionFilter
FatalAppExitW
GetCurrencyFormatA
SystemTimeToTzSpecificLocalTime
TransmitCommChar
GetLocalTime
DeleteFiber
GetCompressedFileSizeW
CancelTimerQueueTimer
FlushFileBuffers
EnumSystemLanguageGroupsA
LocalLock
GetStdHandle
DeleteFileW
WriteConsoleOutputAttribute
HeapCreate
Heap32ListFirst
GetSystemTimeAdjustment
GetQueuedCompletionStatus
SystemTimeToFileTime
GetCurrentConsoleFont
GetCalendarInfoW
GetDevicePowerState
GetFileInformationByHandle
FindResourceA
DisconnectNamedPipe
EnumCalendarInfoA
WriteConsoleOutputCharacterW
GlobalFindAtomA
WaitForSingleObjectEx
CreateDirectoryExW
PulseEvent
SetStdHandle
IsBadHugeWritePtr
QueryDosDeviceW
DnsHostnameToComputerNameW
GetConsoleAliasExesA
GetPrivateProfileStringA
LocalFlags
ResetWriteWatch
GetSystemDirectoryA
SetConsoleTitleA
InterlockedCompareExchange
SetConsoleCtrlHandler
LoadResource
WaitForMultipleObjects
GetThreadTimes
ReadConsoleW
GetPrivateProfileSectionA
InitializeCriticalSection
GetProfileIntW
CreateDirectoryA
FindNextFileW
lstrcpyA
GetConsoleAliasW
GetConsoleWindow
GetDateFormatA
GetProfileStringA
Process32First
CreateTimerQueueTimer
QueryPerformanceFrequency
lstrcmp
SetThreadExecutionState
WritePrivateProfileSectionW
OpenWaitableTimerA
GlobalMemoryStatusEx
SetHandleCount
CloseHandle
ReadConsoleOutputCharacterW
IsBadCodePtr
FormatMessageW
EnumResourceNamesW
GetProfileStringW
GetVolumeNameForVolumeMountPointA
DefineDosDeviceA
SetMessageWaitingIndicator
SetWaitableTimer
IsValidLocale
GetCurrentProcessId
lstrcpy
GetEnvironmentStringsW
GetConsoleTitleW
GetOEMCP
SetInformationJobObject
FindFirstVolumeA
SearchPathW
GetTempPathA
RtlZeroMemory
CompareStringW
QueryInformationJobObject
MoveFileWithProgressW
FlushInstructionCache
Process32FirstW
SetFilePointerEx
GetLocaleInfoW
GetConsoleAliasExesW
ConnectNamedPipe
LocalUnlock
IsBadStringPtrA
GetProcessVersion
IsBadReadPtr
SetCurrentDirectoryW
GetFileSizeEx
GenerateConsoleCtrlEvent
FindFirstFileExA
DeviceIoControl
LockResource
LCMapStringW
GetTimeFormatW
SearchPathA
EnumDateFormatsA
CreateNamedPipeA
GlobalGetAtomNameA
GetConsoleCP
VirtualProtectEx
LoadLibraryExW
GlobalCompact
GetCurrentThreadId
GetSystemDefaultUILanguage
DnsHostnameToComputerNameA
ReadConsoleInputW
SetFileTime
GetConsoleDisplayMode
ReadConsoleInputA
CreateTapePartition
Process32NextW
GetWriteWatch
Beep
SetConsoleOutputCP
CreateHardLinkW
CreateMailslotW
DeleteTimerQueue
CreateRemoteThread
GetThreadContext
FillConsoleOutputAttribute
Heap32ListNext
ExitProcess
FillConsoleOutputCharacterW
WaitForSingleObject
OutputDebugStringA
MapUserPhysicalPagesScatter
GetCurrentDirectoryA
SetComputerNameW
TryEnterCriticalSection
AssignProcessToJobObject
LoadLibraryExA
GetNamedPipeHandleStateA
FindNextFileA
lstrcpynW
VirtualLock
TlsGetValue
CreateMutexW
IsBadWritePtr
lstrcpynA
AddConsoleAliasA
TlsFree
GetEnvironmentStringsA
GetVersionExW
WriteFileGather
GetModuleFileNameA
RemoveDirectoryA
GetComputerNameW
ReadFileEx
lstrlenW
EnumLanguageGroupLocalesW
CreateSemaphoreA
GetConsoleTitleA
GetBinaryTypeW
TransactNamedPipe
GetCommTimeouts
Sleep
UnlockFileEx
UnmapViewOfFile
FindCloseChangeNotification
GetPrivateProfileSectionW
LocalFree
FindAtomW
GetCommandLineA
GetStringTypeExW
GetLargestConsoleWindowSize
OpenProcess
LCMapStringA
HeapCompact

gdi32

OffsetViewportOrgEx
SetViewportExtEx
GetStretchBltMode
SetLayoutWidth
GetCharWidthW
GdiFlush
GetMetaFileA
GdiDllInitialize
GetGlyphOutline
CreateEllipticRgnIndirect
PtVisible
GetClipBox
SetBoundsRect
GetEnhMetaFileBits
SetPolyFillMode
GdiEntry4
EngFindResource
SetMetaFileBitsEx
EngCreateDeviceBitmap
GdiEntry14
GetRegionData
GetMetaFileW
CreateEnhMetaFileA
EngDeletePalette
AddFontResourceExA
GetNearestPaletteIndex
StrokeAndFillPath
SetPixelFormat
CreatePolygonRgn
XFORMOBJ_bApplyXform
CreateRoundRectRgn
GdiEntry5
GdiGetSpoolMessage
GdiEndPageEMF
GdiConsoleTextOut
GetArcDirection
EndDoc
ExtCreatePen
GdiEntry6
PATHOBJ_vEnumStartClipLines
RemoveFontResourceExA
EqualRgn
GdiProcessSetup
CreateScalableFontResourceW
cGetTTFFromFOT
GetCharWidthInfo
PathToRegion
Polygon
GdiCleanCacheDC
PolyPolyline
LPtoDP
SetMagicColors
GdiCreateLocalEnhMetaFile
GetEUDCTimeStampExW
CreateCompatibleBitmap
CLIPOBJ_ppoGetPath
GetPath
SaveDC
FrameRgn
ResetDCA
GdiDeleteLocalDC
GdiGetPageHandle
ExtFloodFill
GetBkColor
EngComputeGlyphSet
GetTextExtentExPointWPri
GetPolyFillMode
GdiGetCodePage
GdiValidateHandle
GetOutlineTextMetricsW
CreateBrushIndirect
GetStringBitmapA
CopyEnhMetaFileA
CancelDC
EngStretchBltROP
EngCheckAbort
IntersectClipRect
GetTextMetricsA
GdiStartDocEMF
CreateEnhMetaFileW
GdiEntry8
GetAspectRatioFilterEx
GetTextExtentPointI
PlgBlt
SetBitmapDimensionEx
PolylineTo
FlattenPath
GetWinMetaFileBits
DeviceCapabilitiesExA
GdiConvertEnhMetaFile
GetColorAdjustment

Sections

.text
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74853b7d86b2dc051f12c34e5e19dc68

Code Sign

3a:db:3d:b1:a9:03:4e:45:b8:41:47:0b:ed:13:f0:d1Certificate

Extended Key Usages

22:b2:a9:bb:15:f0:50:5f:66:13:71:fe:f8:f5:70:7d:4e:cd:8a:6cSigner

Headers

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 365KB - Virtual size: 365KB

.text4 Size: 1024B - Virtual size: 1000B

.text3 Size: 1024B - Virtual size: 1000B

.text2 Size: 2KB - Virtual size: 1KB

.data Size: 10KB - Virtual size: 9KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

3a:db:3d:b1:a9:03:4e:45:b8:41:47:0b:ed:13:f0:d1
Certificate

22:b2:a9:bb:15:f0:50:5f:66:13:71:fe:f8:f5:70:7d:4e:cd:8a:6c
Signer

.text
Size: 365KB - Virtual size: 365KB

.text4
Size: 1024B - Virtual size: 1000B

.text3
Size: 1024B - Virtual size: 1000B

.text2
Size: 2KB - Virtual size: 1KB

.data
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB