43d7927b16c9ac49ddb93774a7785699_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43d7927b16c9ac49ddb93774a7785699_JaffaCakes118
Size

44KB
MD5

43d7927b16c9ac49ddb93774a7785699
SHA1

cd0f2274f5e475e378c1fa159a275ee1cac0b517
SHA256

312331feb9aaeb37c5aea06efea92e8f1e3e1f8075c400281f8c95f8df1399f6
SHA512

31c197be22feeae959ad86401158e079fe483fea2e41ff0fd677d54f04415cf4395981ce21db3eb715fc577808b2c6b8159144a0302af3900aee65847583dbd8
SSDEEP

768:yIEUMxwfNsh89GivwBiCFL04ymE1UQda+V5O9t6Vrm9j4ixfKAjHslK1ycDg3a:dEwNXBoBzZ0QE1bs+VUMxm9j8

Score

1^/10

Malware Config

Signatures

Files

43d7927b16c9ac49ddb93774a7785699_JaffaCakes118
.exe windows:5 windows x86 arch:x86

de28a385b796885b73e8c99fcbf4329c

Code Sign

75:05:7b:60:21:ff:39:53:bd:24:29:60:2a:8a:6e:1a
Certificate

Issuer

CN=AeFR9zQ3lCYA

Not Before

12/03/2012, 08:17

Not After

31/12/2039, 23:59

Subject

CN=AeFR9zQ3lCYA

Extended Key Usages

ExtKeyUsageCodeSigning

1a:33:84:bf:c4:9b:6a:66:0a:43:e9:7b:fd:31:60:ab:11:00:c8:84
Signer

Actual PE Digest

1a:33:84:bf:c4:9b:6a:66:0a:43:e9:7b:fd:31:60:ab:11:00:c8:84

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrlenW
lstrcpyW
VirtualAlloc
CreateFileW

comdlg32

ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
FindTextA
CommDlgExtendedError
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA

advapi32

RegOpenKeyExA

shlwapi

SHRegSetPathW
SHSetValueW
SHSkipJunction
StrCSpnIA
StrCSpnIW
StrCatBuffW
StrChrA
StrChrW
StrFormatByteSize64A
StrFormatByteSizeW
StrFromTimeIntervalW
StrIsIntlEqualW
StrPBrkW
StrRChrIA
StrRChrW
StrSpnA
StrStrW
StrToIntExA
StrTrimA
UrlCanonicalizeA
UrlCanonicalizeW
UrlCreateFromPathW
UrlEscapeA
UrlGetLocationA
UrlIsA
UrlUnescapeA
wnsprintfW
wvnsprintfW
SHRegOpenUSKeyA
SHRegGetBoolUSValueW
SHRegEnumUSKeyW
SHRegDeleteUSValueA
SHRegDeleteEmptyUSKeyA
SHRegCloseUSKey
SHQueryValueExA
SHQueryInfoKeyA
SHOpenRegStreamA
SHGetInverseCMAP
SHEnumValueA
SHEnumKeyExW
SHDeleteValueA
SHDeleteEmptyKeyA
SHCreateStreamOnFileA
SHCreateShellPalette
SHCopyKeyW
SHCopyKeyA
PathUnquoteSpacesW
PathUndecorateA
PathUnExpandEnvStringsW
PathStripPathW
PathSearchAndQualifyA
PathRemoveExtensionA
PathRemoveBlanksA
PathRemoveBackslashW
PathRemoveArgsW
PathRelativePathToA
PathParseIconLocationA
PathMatchSpecW
PathIsURLA
PathIsUNCServerShareA
PathIsSystemFolderA
PathIsSameRootW
PathIsRootW
PathIsPrefixW
PathIsNetworkPathW
PathIsNetworkPathA
PathIsDirectoryEmptyW
PathIsDirectoryA
PathGetCharTypeA
PathGetArgsW
PathFindSuffixArrayW
PathFindNextComponentW
PathFindExtensionA
PathCompactPathW
PathCommonPrefixW
PathCanonicalizeA
PathBuildRootW
PathBuildRootA
PathAppendW
PathAddBackslashW
IntlStrEqWorkerA
ColorRGBToHLS
ColorAdjustLuma
ChrCmpIW
AssocQueryStringByKeyA
AssocQueryStringA
AssocCreate
SHRegQueryUSValueA

comctl32

CreateStatusWindow
ord6
ord7
CreateToolbarEx
ord16
DestroyPropertySheetPage
ord15
DrawStatusText
DrawStatusTextW
FlatSB_EnableScrollBar
FlatSB_GetScrollInfo
FlatSB_GetScrollPos
CreatePropertySheetPageW
FlatSB_SetScrollProp
ord4
GetMUILanguage
ImageList_Add
ImageList_AddIcon
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragShowNolock
FlatSB_GetScrollRange
UninitializeFlatSB
ord3
PropertySheetW
PropertySheetA
PropertySheet
ord2
ord14
InitializeFlatSB
InitMUILanguage
InitCommonControlsEx
ord17
ImageList_Write
ImageList_SetImageCount
ImageList_SetIconSize
ImageList_SetFilter
ImageList_SetDragCursorImage
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Remove
ImageList_Merge
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_GetImageRect
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_GetIcon
ImageList_GetDragImage
ImageList_EndDrag
ImageList_Duplicate
ImageList_DrawEx
ImageList_Draw
CreatePropertySheetPageA

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.v2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de28a385b796885b73e8c99fcbf4329c

Code Sign

75:05:7b:60:21:ff:39:53:bd:24:29:60:2a:8a:6e:1aCertificate

Extended Key Usages

1a:33:84:bf:c4:9b:6a:66:0a:43:e9:7b:fd:31:60:ab:11:00:c8:84Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comdlg32

advapi32

shlwapi

comctl32

Sections

.text Size: 31KB - Virtual size: 31KB

.data Size: 512B - Virtual size: 228B

.v2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

75:05:7b:60:21:ff:39:53:bd:24:29:60:2a:8a:6e:1a
Certificate

1a:33:84:bf:c4:9b:6a:66:0a:43:e9:7b:fd:31:60:ab:11:00:c8:84
Signer

.text
Size: 31KB - Virtual size: 31KB

.data
Size: 512B - Virtual size: 228B

.v2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB