40179c8d30bb5be7c191f21324cbf532_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

40179c8d30bb5be7c191f21324cbf532_JaffaCakes118
Size

182KB
MD5

40179c8d30bb5be7c191f21324cbf532
SHA1

c76e063fb5f2efee053b0eddb56006c97393bda8
SHA256

24988e3929d55d1eaba5c996754f192b164a682c4835df766921ece643f15eb2
SHA512

f5ea0f505681f036e82ed14460cca92105c4bb54ab5acd26280218581dff19535647f1e5fff29f6990bed6e70c2f5cdbb204da0e183620b9342fef77e9dc4fd0
SSDEEP

3072:rh9iS5BM/XTFOJkl0lBee/bTBPTKNwClycYvpcFF+C2UXB1xuw+uG/IA5hU5V0:OSTM/XZOq0ztTKNmlvpcFFJdBSuGfQ0

Score

1^/10

Malware Config

Signatures

Files

40179c8d30bb5be7c191f21324cbf532_JaffaCakes118
.exe windows:5 windows x86 arch:x86

44ad7f589c89714f631150955566f453

Code Sign

38:06:65:05:5d:a1:a8:bf:46:d4:2d:ba:b2:18:b6:5a
Certificate

Issuer

CN=234g634gh3

Not Before

26/02/2012, 06:07

Not After

31/12/2039, 23:59

Subject

CN=234g634gh3

Extended Key Usages

ExtKeyUsageCodeSigning

69:13:31:43:d8:ca:c8:5b:68:31:8b:f4:56:67:c7:5e:4a:d9:33:44
Signer

Actual PE Digest

69:13:31:43:d8:ca:c8:5b:68:31:8b:f4:56:67:c7:5e:4a:d9:33:44

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
InterlockedCompareExchange
GetProcAddress
LoadLibraryA
GetWindowsDirectoryW

user32

DdeUninitialize
DefWindowProcA
DeferWindowPos
DeleteMenu
DestroyCursor
DlgDirListA
DlgDirSelectComboBoxExA
DragObject
DrawEdge
DrawIcon
DrawIconEx
EnableScrollBar
EnableWindow
EnumDesktopWindows
EnumDisplayMonitors
EnumDisplaySettingsExW
EnumPropsA
EnumWindowStationsW
FindWindowExA
FindWindowExW
FindWindowW
FlashWindowEx
GetAltTabInfoA
GetCapture
GetClassInfoA
GetClassNameW
GetClassWord
GetClientRect
GetClipboardViewer
GetDlgItemTextA
GetForegroundWindow
GetKeyNameTextA
GetKeyboardLayout
GetKeyboardState
GetLastInputInfo
GetListBoxInfo
GetMenu
GetMenuItemCount
GetMenuState
GetMessageExtraInfo
GetMonitorInfoA
GetOpenClipboardWindow
GetPriorityClipboardFormat
GetQueueStatus
GetScrollInfo
GetScrollPos
GetSubMenu
GetSystemMenu
DdePostAdvise
GetWindowContextHelpId
GetWindowPlacement
GetWindowRect
GetWindowTextA
GrayStringA
IMPQueryIMEA
InsertMenuA
IntersectRect
InvalidateRect
IsCharAlphaA
IsCharAlphaNumericW
IsCharLowerW
IsChild
IsDialogMessageA
IsDlgButtonChecked
IsWindow
IsWindowUnicode
LoadBitmapW
LockSetForegroundWindow
MessageBoxExW
ModifyMenuA
OemToCharBuffW
PostThreadMessageW
RealGetWindowClass
RegisterClassExA
RegisterClassW
RegisterDeviceNotificationW
RegisterHotKey
ReleaseCapture
SendDlgItemMessageA
SendIMEMessageExA
SendMessageCallbackA
SendMessageCallbackW
SendMessageW
SendNotifyMessageA
SendNotifyMessageW
SetCaretBlinkTime
SetCaretPos
SetClassLongW
SetClassWord
SetMenuItemInfoA
SetMenuItemInfoW
SetUserObjectInformationW
SetWinEventHook
SubtractRect
SwitchToThisWindow
TabbedTextOutA
ToAscii
ToUnicodeEx
TranslateAcceleratorW
UnpackDDElParam
UpdateLayeredWindow
UpdateWindow
WaitMessage
WindowFromDC
keybd_event
mouse_event
DdeImpersonateClient
DdeEnableCallback
DdeDisconnectList
DdeConnectList
CreatePopupMenu
CreateIconFromResourceEx
CreateDialogParamA
ClipCursor
CheckMenuRadioItem
CharUpperBuffW
CharPrevExA
CharLowerBuffW
ChangeClipboardChain
CallMsgFilterW
BroadcastSystemMessageA
BringWindowToTop
BlockInput
BeginDeferWindowPos
ArrangeIconicWindows
AdjustWindowRectEx
LoadIconA
GetUpdateRect

comdlg32

ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
GetFileTitleW
GetOpenFileNameA
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
ChooseColorA

ole32

CLIPFORMAT_UserFree
CLIPFORMAT_UserUnmarshal
CoAddRefServerProcess
CoAllowSetForegroundWindow
CoCreateGuid
CoCreateInstance
CoCreateObjectInContext
CoDisableCallCancellation
CoDosDateTimeToFileTime
CoFileTimeNow
CoGetClassObject
CoGetCurrentLogicalThreadId
CoGetInstanceFromFile
CoGetInstanceFromIStorage
CoGetMarshalSizeMax
CoGetObjectContext
CoGetStdMarshalEx
CoImpersonateClient
CoInitialize
CoLoadLibrary
CoQueryAuthenticationServices
CoQueryReleaseObject
CoReactivateObject
CoRegisterClassObject
CoRegisterMallocSpy
CoRegisterSurrogate
CoReleaseMarshalData
CoRevertToSelf
CoSuspendClassObjects
CoSwitchCallContext
CoTaskMemRealloc
CoTestCancel
CoTreatAsClass
CoUnmarshalInterface
CreateClassMoniker
CreateDataAdviseHolder
CreateFileMoniker
CreateItemMoniker
CreateObjrefMoniker
CreateOleAdviseHolder
CreatePointerMoniker
CreateStdProgressIndicator
CreateStreamOnHGlobal
DllGetClassObjectWOW
FreePropVariantArray
GetConvertStg
GetDocumentBitStg
GetHGlobalFromILockBytes
GetHGlobalFromStream
HACCEL_UserMarshal
HBITMAP_UserFree
HBRUSH_UserSize
HDC_UserMarshal
HDC_UserSize
HDC_UserUnmarshal
HENHMETAFILE_UserFree
HENHMETAFILE_UserSize
HGLOBAL_UserFree
HICON_UserFree
HICON_UserMarshal
HICON_UserSize
HMENU_UserFree
HMENU_UserSize
HMETAFILEPICT_UserUnmarshal
HMETAFILE_UserSize
HWND_UserFree
IsAccelerator
IsEqualGUID
MonikerCommonPrefixWith
OleConvertIStorageToOLESTREAM
OleConvertIStorageToOLESTREAMEx
OleCreateEmbeddingHelper
OleCreateFromDataEx
OleCreateLink
OleCreateLinkToFile
OleDestroyMenuDescriptor
OleInitialize
OleIsCurrentClipboard
OleQueryCreateFromData
OleRegEnumVerbs
OleRegGetUserType
OleRun
OleSave
OleSetContainedObject
OleSetMenuDescriptor
OleUninitialize
PropStgNameToFmtId
PropVariantClear
PropVariantCopy
ReadClassStg
ReadOleStg
ReadStringStream
RegisterDragDrop
RevokeDragDrop
SNB_UserFree
SNB_UserSize
SNB_UserUnmarshal
STGMEDIUM_UserFree
STGMEDIUM_UserSize
SetConvertStg
StgConvertPropertyToVariant
StgCreateDocfileOnILockBytes
StgOpenAsyncDocfileOnIFillLockBytes
StgOpenPropStg
StgPropertyLengthAsVariant
StringFromCLSID
StringFromGUID2
StringFromIID
UtGetDvtd16Info
WdtpInterfacePointer_UserFree
WdtpInterfacePointer_UserMarshal
WdtpInterfacePointer_UserSize
WdtpInterfacePointer_UserUnmarshal
WriteClassStm
WriteOleStg

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text6
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44ad7f589c89714f631150955566f453

Code Sign

38:06:65:05:5d:a1:a8:bf:46:d4:2d:ba:b2:18:b6:5aCertificate

Extended Key Usages

69:13:31:43:d8:ca:c8:5b:68:31:8b:f4:56:67:c7:5e:4a:d9:33:44Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

Sections

.text Size: 11KB - Virtual size: 11KB

.data Size: 1024B - Virtual size: 648B

.text6 Size: 2KB - Virtual size: 1KB

.text1 Size: 1024B - Virtual size: 1000B

.text2 Size: 1024B - Virtual size: 1000B

.text5 Size: 161KB - Virtual size: 161KB

.reloc Size: 2KB - Virtual size: 2KB

38:06:65:05:5d:a1:a8:bf:46:d4:2d:ba:b2:18:b6:5a
Certificate

69:13:31:43:d8:ca:c8:5b:68:31:8b:f4:56:67:c7:5e:4a:d9:33:44
Signer

.text
Size: 11KB - Virtual size: 11KB

.data
Size: 1024B - Virtual size: 648B

.text6
Size: 2KB - Virtual size: 1KB

.text1
Size: 1024B - Virtual size: 1000B

.text2
Size: 1024B - Virtual size: 1000B

.text5
Size: 161KB - Virtual size: 161KB

.reloc
Size: 2KB - Virtual size: 2KB