3dee5f0472e532a150a9428c23a456e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3dee5f0472e532a150a9428c23a456e6_JaffaCakes118
Size

203KB
MD5

3dee5f0472e532a150a9428c23a456e6
SHA1

6b411a3992201ad836267cc987a2e899d74770a0
SHA256

9a0c235e22d9cbbab993ed65c71a7401a57c6d631d79383a1419b81c856b3678
SHA512

4cbd034908010a52cab0510ac8a5ffa881188307e5dad0503b76e503ff60a295d59f734c32625fc384ab241f7186a96bcb8e85e1000af312bf113c3ceda272c0
SSDEEP

3072:zwlWypFEFuOxPE2qrr0TxQ8NaaNn0lDCGnc/QfWushHidRwZIKwU6GzuJh:zIbQU/r0u8HF8DHnNOushHswZIzV5

Score

1^/10

Malware Config

Signatures

Files

3dee5f0472e532a150a9428c23a456e6_JaffaCakes118
.dll windows:5 windows x86 arch:x86

eba752b227126e52b58b6098c61c2218

Code Sign

3f:fa:f8:47:7f:bc:c5:7a:bd:e2:18:b5:13:39:23:ba
Certificate

Issuer

CN=UX4KxV2xwdS0

Not Before

12/03/2012, 15:26

Not After

31/12/2039, 23:59

Subject

CN=UX4KxV2xwdS0

Extended Key Usages

ExtKeyUsageCodeSigning

7b:ea:be:23:0d:23:ee:98:ce:4a:5f:be:f5:2d:86:c7:11:68:01:d9
Signer

Actual PE Digest

7b:ea:be:23:0d:23:ee:98:ce:4a:5f:be:f5:2d:86:c7:11:68:01:d9

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
lstrlenA
lstrcpyA
GetWindowsDirectoryA
AddAtomA
AddConsoleAliasA
CompareStringW
CreateJobObjectA
CreatePipe
CreateProcessA
CreateToolhelp32Snapshot
DefineDosDeviceA
DefineDosDeviceW
DeleteAtom
DeleteFiber
DeviceIoControl
DosDateTimeToFileTime
EnterCriticalSection
EnumDateFormatsW
EnumSystemLanguageGroupsA
EraseTape
FatalAppExitA
FatalAppExitW
FatalExit
FindFirstVolumeMountPointW
FindNextFileW
FindNextVolumeMountPointW
FindNextVolumeW
FindResourceExA
FindResourceExW
FlushFileBuffers
GetAtomNameW
GetBinaryTypeW
GetComputerNameExW
GetComputerNameW
GetConsoleAliasExesA
GetConsoleCursorInfo
GetConsoleOutputCP
GetConsoleTitleW
GetCurrencyFormatA
GetCurrentDirectoryA
GetDiskFreeSpaceExW
GetEnvironmentVariableA
GetFileSize
GetLocaleInfoW
GetNumberFormatA
GetPrivateProfileSectionA
ExitProcess
GetShortPathNameA
GetStringTypeExW
GetSystemInfo
GetTapePosition
GetThreadLocale
GetThreadTimes
GetTimeZoneInformation
GetVolumePathNameA
GlobalHandle
GlobalReAlloc
HeapCompact
IsBadStringPtrA
IsDBCSLeadByteEx
IsValidLanguageGroup
LocalFlags
LocalHandle
LockFile
QueryPerformanceCounter
QueueUserWorkItem
ReadConsoleOutputAttribute
ReadConsoleW
RtlZeroMemory
SetCriticalSectionSpinCount
SetEnvironmentVariableA
SetFileAttributesW
SetFilePointerEx
SetFileTime
SetLastError
SetStdHandle
SetSystemTime
SetThreadLocale
SwitchToThread
Thread32Next
TlsGetValue
UnhandledExceptionFilter
UnlockFile
UpdateResourceW
VirtualLock
VirtualProtectEx
WaitForMultipleObjects
WriteConsoleW
WriteFile
WriteProcessMemory
WriteProfileStringA
WriteTapemark
_llseek
lstrcmpiW
GetProfileSectionW
VirtualAlloc

user32

SendInput
SendMessageA
SendMessageW
SetActiveWindow
SetCursorPos
SetDeskWallpaper
SetMessageQueue
SetPropA
SetScrollInfo
SetWindowRgn
SetWindowWord
TileWindows
UnhookWindowsHookEx
UnloadKeyboardLayout
UnpackDDElParam
UnregisterClassA
UnregisterDeviceNotification
UpdateWindow
ValidateRgn
VkKeyScanExA
WINNLSEnableIME
WaitMessage
keybd_event
wsprintfA
ScreenToClient
ReleaseCapture
RegisterWindowMessageW
PostThreadMessageA
PostMessageW
PaintDesktop
OemToCharW
OemToCharBuffW
MonitorFromWindow
MapVirtualKeyExA
MapVirtualKeyA
LoadStringA
LoadMenuIndirectW
LoadCursorFromFileW
IsWindowUnicode
IsIconic
IsDialogMessageA
IsClipboardFormatAvailable
InvalidateRgn
HiliteMenuItem
GrayStringW
GetWindowTextW
GetWindowModuleFileName
GetUserObjectInformationW
GetTabbedTextExtentW
GetTabbedTextExtentA
GetParent
GetMouseMovePointsEx
GetMessageTime
GetMenuState
GetMenuContextHelpId
GetLastActivePopup
GetKeyboardType
GetDlgItemTextW
GetDesktopWindow
GetCursor
GetClipCursor
GetAncestor
GetAltTabInfo
ExcludeUpdateRgn
EnumWindowStationsW
EnumDisplaySettingsW
EndMenu
EditWndProc
DrawTextExA
DrawStateA
DlgDirSelectExW
DlgDirSelectComboBoxExW
DialogBoxParamA
DdeGetLastError
DdeGetData
DdeFreeStringHandle
DdeDisconnect
DdeCreateStringHandleW
DdeCreateStringHandleA
CreateWindowStationA
CreateMDIWindowW
CreateAcceleratorTableA
CountClipboardFormats
CloseWindowStation
CheckRadioButton
CharToOemBuffA
CharLowerBuffA
CascadeWindows
BlockInput
BeginDeferWindowPos
AppendMenuW
GetComboBoxInfo

advapi32

RegOpenKeyExW

shell32

Shell_NotifyIconA
ShellHookProc
ShellExecuteW
ShellExecuteExW
ShellExecuteExA
ShellExecuteEx
ShellAboutA
SHQueryRecycleBinA
CheckEscapesW
DoEnvironmentSubstA
DoEnvironmentSubstW
DragFinish
DragQueryFile
DragQueryFileAorW
DuplicateIcon
ExtractAssociatedIconA
ExtractAssociatedIconExW
ExtractAssociatedIconW
ExtractIconExA
ExtractIconExW
ExtractIconW
FindExecutableW
SHAppBarMessage
SHBrowseForFolderA
SHChangeNotify
SHCreateDirectoryExW
SHEmptyRecycleBinA
SHEmptyRecycleBinW
SHPathPrepareForWriteW
SHFileOperation
SHFormatDrive
SHFreeNameMappings
SHGetDiskFreeSpaceA
SHGetDiskFreeSpaceExA
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFileInfoA
SHGetFileInfoW
SHGetFolderPathA
SHGetFolderPathW
SHGetIconOverlayIndexA
SHGetInstanceExplorer
SHGetMalloc
SHGetPathFromIDList
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSettings
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
SHInvokePrinterCommandA
SHInvokePrinterCommandW
SHIsFileAvailableOffline
SHLoadNonloadedIconOverlayIdentifiers
SHPathPrepareForWriteA

shlwapi

StrChrA
StrChrIA
StrChrIW
StrCmpNA
StrCmpNIW
StrRChrA
StrRChrW
StrRStrIA
StrStrIW
StrRStrIW

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text3
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eba752b227126e52b58b6098c61c2218

Code Sign

3f:fa:f8:47:7f:bc:c5:7a:bd:e2:18:b5:13:39:23:baCertificate

Extended Key Usages

7b:ea:be:23:0d:23:ee:98:ce:4a:5f:be:f5:2d:86:c7:11:68:01:d9Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

Sections

.text Size: 188KB - Virtual size: 187KB

.data Size: 512B - Virtual size: 100B

.text4 Size: 1024B - Virtual size: 1000B

.text3 Size: 2KB - Virtual size: 2KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

3f:fa:f8:47:7f:bc:c5:7a:bd:e2:18:b5:13:39:23:ba
Certificate

7b:ea:be:23:0d:23:ee:98:ce:4a:5f:be:f5:2d:86:c7:11:68:01:d9
Signer

.text
Size: 188KB - Virtual size: 187KB

.data
Size: 512B - Virtual size: 100B

.text4
Size: 1024B - Virtual size: 1000B

.text3
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB