406a4d1cb7c7928ac3fa328f9dac3727_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

406a4d1cb7c7928ac3fa328f9dac3727_JaffaCakes118
Size

96KB
MD5

406a4d1cb7c7928ac3fa328f9dac3727
SHA1

7feda3567dfacf29083b3bdad5fc38f320b35e62
SHA256

30047f8f24533143a9852eabc0e8e98995b05528e0094f4da491c0d1ec6bce3a
SHA512

da06b25608f396a416c1f0c2dc18720414a83573d1fb45d1e4932aa32be47030892f7146135e6a1ea128425db8573815e9a3a11c05b774e20fc671995221e699
SSDEEP

1536:JGr7ho07Rsm5KuHp/DBNZE8+EahSO4NAWKgrUj7oV7XEV9I7Q:JGr7O07uudBNZE8+EqIbUjMVjEV9I

Score

1^/10

Malware Config

Signatures

Files

406a4d1cb7c7928ac3fa328f9dac3727_JaffaCakes118
.exe windows:5 windows x86 arch:x86

323084440404fc4807174482dfc9de09

Code Sign

3c:da:f6:17:6a:07:10:59:b3:d3:1d:9b:80:0a:71:f8
Certificate

Issuer

CN=K6cyVsKULMDi

Not Before

15/03/2012, 06:18

Not After

31/12/2039, 23:59

Subject

CN=K6cyVsKULMDi

Extended Key Usages

ExtKeyUsageCodeSigning

71:34:58:d4:33:77:e6:5b:e6:3c:96:ce:6c:e5:61:58:47:7b:df:ab
Signer

Actual PE Digest

71:34:58:d4:33:77:e6:5b:e6:3c:96:ce:6c:e5:61:58:47:7b:df:ab

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
CreateFileW
lstrlenW
lstrcpyW
VirtualAlloc

comdlg32

ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
FindTextA
CommDlgExtendedError
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA

advapi32

RegOpenKeyExA

shlwapi

StrCmpIW
StrCmpW
StrCpyW
StrDupW
StrFormatKBSizeW
StrNCatW
StrRStrIA
StrStrIA
StrStrIW
StrStrW
StrTrimA
StrTrimW
UrlCanonicalizeA
UrlCanonicalizeW
UrlHashA
UrlIsA
UrlIsNoHistoryA
UrlUnescapeA
UrlUnescapeW
wnsprintfW
wvnsprintfW
StrCatW
SHSetThreadRef
SHRegWriteUSValueA
SHRegQueryInfoUSKeyW
SHRegGetUSValueW
SHRegGetPathA
SHRegGetBoolUSValueW
SHRegEnumUSValueW
SHRegDuplicateHKey
SHRegDeleteUSValueW
SHRegCloseUSKey
SHQueryInfoKeyA
SHIsLowMemoryMachine
SHGetThreadRef
SHDeleteValueW
SHDeleteValueA
SHDeleteKeyA
ord16
SHCopyKeyW
PathUnquoteSpacesW
PathStripToRootW
PathStripPathA
PathSkipRootA
PathSearchAndQualifyA
PathRenameExtensionA
PathRemoveExtensionW
PathRemoveExtensionA
PathRemoveBlanksW
PathRemoveBlanksA
PathRemoveBackslashW
PathRelativePathToW
PathRelativePathToA
PathMatchSpecA
PathIsUNCServerShareA
PathIsSameRootA
PathIsRootW
PathIsRootA
PathIsPrefixA
PathIsNetworkPathA
PathIsLFNFileSpecA
PathIsFileSpecW
PathIsDirectoryW
PathIsContentTypeA
PathGetDriveNumberW
PathGetArgsA
PathFindFileNameW
PathCombineW
PathCanonicalizeA
PathBuildRootA
PathAppendW
PathAddBackslashW
PathAddBackslashA
GetMenuPosFromID
ColorRGBToHLS
ColorAdjustLuma
ChrCmpIA
AssocQueryKeyW
AssocCreate
SHRegQueryUSValueA

comctl32

CreatePropertySheetPageW
CreateStatusWindow
ord6
CreateStatusWindowW
ord7
CreateToolbarEx
ord16
DrawStatusTextW
FlatSB_EnableScrollBar
FlatSB_GetScrollPos
FlatSB_GetScrollProp
FlatSB_GetScrollRange
CreatePropertySheetPage
FlatSB_SetScrollPos
FlatSB_ShowScrollBar
ord4
GetMUILanguage
ImageList_Add
ImageList_AddIcon
ImageList_AddMasked
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
FlatSB_SetScrollInfo
_TrackMouseEvent
ord3
PropertySheetW
PropertySheetA
ord2
ord14
InitializeFlatSB
InitMUILanguage
InitCommonControlsEx
ord17
ImageList_Write
ImageList_SetOverlayImage
ImageList_SetImageCount
ImageList_SetIconSize
ImageList_SetFilter
ImageList_SetBkColor
ImageList_Replace
ImageList_Remove
ImageList_Read
ImageList_LoadImageW
ImageList_LoadImage
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_GetIcon
ImageList_EndDrag
ImageList_Duplicate
ImageList_DrawIndirect
ImageList_DrawEx
ImageList_Draw
ord8

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.v2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

323084440404fc4807174482dfc9de09

Code Sign

3c:da:f6:17:6a:07:10:59:b3:d3:1d:9b:80:0a:71:f8Certificate

Extended Key Usages

71:34:58:d4:33:77:e6:5b:e6:3c:96:ce:6c:e5:61:58:47:7b:df:abSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comdlg32

advapi32

shlwapi

comctl32

Sections

.text Size: 83KB - Virtual size: 83KB

.data Size: 512B - Virtual size: 224B

.v2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 285KB

3c:da:f6:17:6a:07:10:59:b3:d3:1d:9b:80:0a:71:f8
Certificate

71:34:58:d4:33:77:e6:5b:e6:3c:96:ce:6c:e5:61:58:47:7b:df:ab
Signer

.text
Size: 83KB - Virtual size: 83KB

.data
Size: 512B - Virtual size: 224B

.v2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 285KB