451bcc1b3d200ecfc34f409ebf108f4d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

451bcc1b3d200ecfc34f409ebf108f4d_JaffaCakes118
Size

75KB
MD5

451bcc1b3d200ecfc34f409ebf108f4d
SHA1

5197b73c019e8d9dc4aa47a2f346eb099e88255b
SHA256

5840880169d0ab68696e177445e108723c2f34783fe4ca1af82d75d823017c78
SHA512

e65af367a80f45ce0a247cfca0a6dc6a1a12582f4573837d48fac05b0bf80cd00cbf1d6d1f6539289d902522e91469838b0d384e9dee67861e92f220c58d2bfe
SSDEEP

1536:XF9cN7wwwPZrkDumTQ6Zs0Egzz4DwwwNv+wwYwwvIlGwweZopw9LwwwzsKoA26/6:XF9cqY8kEImz6OeS

Score

1^/10

Malware Config

Signatures

Files

451bcc1b3d200ecfc34f409ebf108f4d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6a6588e0964c292f6ac4705d9e739805

Code Sign

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3b
Certificate

Issuer

CN=NCrG992VieeQ

Not Before

14/03/2012, 06:19

Not After

31/12/2039, 23:59

Subject

CN=NCrG992VieeQ

Extended Key Usages

ExtKeyUsageCodeSigning

25:b5:29:3c:19:99:f0:40:3e:3d:8a:fc:9e:8e:95:9e:19:fa:b0:54
Signer

Actual PE Digest

25:b5:29:3c:19:99:f0:40:3e:3d:8a:fc:9e:8e:95:9e:19:fa:b0:54

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
LoadLibraryA
CreateFileA
lstrlenA
GetWindowsDirectoryA
lstrcpyA
GetProcAddress

user32

ShowCaret
ShowOwnedPopups
SwitchToThisWindow
TabbedTextOutA
ToUnicode
UnhookWindowsHook
UnregisterHotKey
wsprintfW
SetWindowTextW
SetUserObjectSecurity
SetUserObjectInformationW
SetSystemCursor
SetScrollRange
SetMenuItemInfoW
SetMenuItemBitmaps
SetLayeredWindowAttributes
SetDeskWallpaper
SetClassLongW
SetCapture
ScrollWindow
ScrollDC
ReuseDDElParam
ReplyMessage
RemovePropW
RemoveMenu
RegisterHotKey
RegisterClassW
RegisterClassA
PostThreadMessageA
OpenDesktopA
NotifyWinEvent
MapVirtualKeyExW
BringWindowToTop
ChangeClipboardChain
ChangeDisplaySettingsW
ChangeMenuA
CharNextW
CharUpperBuffA
ChildWindowFromPointEx
CopyIcon
CreateDialogIndirectParamA
CreateMDIWindowW
MapDialogRect
DdeAccessData
DdeAddData
DdeDisconnect
DdeFreeStringHandle
DdeInitializeW
DdeQueryStringA
DdeReconnect
DdeUnaccessData
DdeUninitialize
DestroyWindow
DlgDirSelectComboBoxExW
DrawAnimatedRects
DrawFrame
DrawTextExW
EndPaint
EnumClipboardFormats
EnumDesktopsW
EnumDisplayMonitors
EnumDisplaySettingsW
FindWindowExW
GetAsyncKeyState
GetClassInfoExA
GetClassNameA
GetDlgItem
GetFocus
GetInputDesktop
GetKeyNameTextA
GetKeyboardType
GetMenuDefaultItem
GetMenuInfo
GetMenuItemCount
GetMenuItemID
GetMessageA
GetMessageTime
GetParent
GetScrollBarInfo
GetSubMenu
GetUpdateRgn
GetWindowContextHelpId
GetWindowPlacement
GetWindowThreadProcessId
IMPSetIMEA
IsCharAlphaW
IsDialogMessage
IsHungAppWindow
IsWindow
AppendMenuA
IsWindowEnabled
LoadIconA
LoadImageA
LoadKeyboardLayoutA
LoadMenuW

comdlg32

PageSetupDlgW
ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
ChooseColorA
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW

advapi32

RegOpenKeyW

ole32

OleSaveToStream
OleTranslateAccelerator
ProgIDFromCLSID
ReadOleStg
RegisterDragDrop
ReleaseStgMedium
SNB_UserFree
SNB_UserUnmarshal
SetConvertStg
StgConvertVariantToProperty
StgGetIFillLockBytesOnFile
StgOpenAsyncDocfileOnIFillLockBytes
StgPropertyLengthAsVariant
StringFromCLSID
UtConvertDvtd16toDvtd32
UtGetDvtd16Info
UtGetDvtd32Info
WdtpInterfacePointer_UserFree
WdtpInterfacePointer_UserSize
WriteFmtUserTypeStg
WriteStringStream
OleRegGetMiscStatus
OleMetafilePictFromIconAndLabel
OleIsRunning
OleGetIconOfFile
OleDoAutoConvert
OleCreateLinkFromDataEx
OleCreateLinkEx
OleCreateLink
OleCreateEx
OleCreate
OleConvertOLESTREAMToIStorage
MonikerCommonPrefixWith
IsAccelerator
HkOleRegisterObject
HWND_UserSize
HMETAFILE_UserSize
HMETAFILE_UserMarshal
HMETAFILEPICT_UserUnmarshal
HMETAFILEPICT_UserMarshal
HMENU_UserFree
HICON_UserUnmarshal
HGLOBAL_UserUnmarshal
HGLOBAL_UserSize
HDC_UserUnmarshal
HBRUSH_UserUnmarshal
HBRUSH_UserSize
HBITMAP_UserSize
HBITMAP_UserFree
HACCEL_UserMarshal
EnableHookObject
CreateObjrefMoniker
CreateDataAdviseHolder
CoUnmarshalInterface
CoUnmarshalHresult
CoTestCancel
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoSetCancelObject
CoReleaseServerProcess
CoRegisterPSClsid
CoRegisterClassObject
CoReactivateObject
CoQueryClientBlanket
CoMarshalInterface
CoMarshalInterThreadInterfaceInStream
CoIsOle1Class
CoInitializeWOW
CoGetTreatAsClass
CoGetPSClsid
CoGetInterfaceAndReleaseStream
CoGetCurrentLogicalThreadId
CoGetCallContext
CoFreeUnusedLibraries
CoDosDateTimeToFileTime
CoDisableCallCancellation
CoCreateInstanceEx
CoCancelCall
CoAllowSetForegroundWindow
CLIPFORMAT_UserSize
CLIPFORMAT_UserMarshal
OleCreateStaticFromData
CoGetInstanceFromFile

comctl32

ord8
CreatePropertySheetPageA
CreatePropertySheetPageW
CreateStatusWindow
ord6
_TrackMouseEvent
UninitializeFlatSB
ord3
PropertySheetA
PropertySheet
ord2
ord13
ord14
InitializeFlatSB
InitMUILanguage
InitCommonControlsEx
ord17
ImageList_Write
ImageList_SetOverlayImage
ImageList_SetImageCount
ImageList_SetIconSize
ImageList_SetFilter
ImageList_SetDragCursorImage
ImageList_ReplaceIcon
ImageList_Remove
ImageList_Read
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_LoadImage
ImageList_GetImageRect
ImageList_GetIconSize
ImageList_GetDragImage
ImageList_GetBkColor
ImageList_EndDrag
ImageList_Duplicate
ImageList_DrawIndirect
ImageList_DrawEx
ImageList_Draw
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_Destroy
ImageList_Create
ImageList_Copy
ImageList_BeginDrag
ImageList_AddIcon
ImageList_Add
ord4
FlatSB_ShowScrollBar
FlatSB_SetScrollPos
FlatSB_GetScrollRange
FlatSB_GetScrollProp
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
FlatSB_EnableScrollBar
DrawStatusTextW
ord5
DrawStatusText
ord15
DestroyPropertySheetPage
CreateToolbarEx
CreateStatusWindowW

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a6588e0964c292f6ac4705d9e739805

Code Sign

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3bCertificate

Extended Key Usages

25:b5:29:3c:19:99:f0:40:3e:3d:8a:fc:9e:8e:95:9e:19:fa:b0:54Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

ole32

comctl32

Sections

.text Size: 12KB - Virtual size: 12KB

.text1 Size: 55KB - Virtual size: 54KB

.data Size: 1024B - Virtual size: 644B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3b
Certificate

25:b5:29:3c:19:99:f0:40:3e:3d:8a:fc:9e:8e:95:9e:19:fa:b0:54
Signer

.text
Size: 12KB - Virtual size: 12KB

.text1
Size: 55KB - Virtual size: 54KB

.data
Size: 1024B - Virtual size: 644B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB