543a82b4559fdf1e08a56ea5bb14c139_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

543a82b4559fdf1e08a56ea5bb14c139_JaffaCakes118
Size

170KB
MD5

543a82b4559fdf1e08a56ea5bb14c139
SHA1

a6b120d6ea7b939667c05348c007c86c307466cf
SHA256

973c7f8c82b55658e69203795d9aa47326254629e2cbf9bf3363f99f951bce20
SHA512

4decd4fff3dc468af7a6f7b7189e6fbb7d5b34467d70fa59473026aac94301f724f1f438526390061eb71e42cecc944af7a42b97abafadc9e230ee0b5a3bb535
SSDEEP

3072:bLbjKmmfcRygt+sX4LdVZtJ6rrRczBpb6K3yGHw6rI2Z+yAVpWiP1bd:bLPK/fcRVnIHZtSrRc9cMk6kTTbd

Score

1^/10

Malware Config

Signatures

Files

543a82b4559fdf1e08a56ea5bb14c139_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5138b605466ce8aa0e875e1dbaaf4ce6

Code Sign

75:91:42:63:ff:a9:e8:96:43:f2:4e:77:74:da:b6:ce
Certificate

Issuer

CN=XfAtLEMWldivebaeZBLxSqivCTHBurFrwsRilfEEdQuJfBFFvKamMwQGJSfBcxLskNvbitNsxLnRVrrUfn ogoCOACcbszGkMhbMrrNUxCDOfWOthnmOGnuimDYNiaXuMSVYiUclvKBiTX IKrFN S

Not Before

27-06-2012 08:33

Not After

31-12-2039 23:59

Subject

CN=XfAtLEMWldivebaeZBLxSqivCTHBurFrwsRilfEEdQuJfBFFvKamMwQGJSfBcxLskNvbitNsxLnRVrrUfn ogoCOACcbszGkMhbMrrNUxCDOfWOthnmOGnuimDYNiaXuMSVYiUclvKBiTX IKrFN S

Extended Key Usages

ExtKeyUsageCodeSigning

8b:ae:d3:c8:4c:8d:3d:48:c0:9a:51:dd:e3:3e:c3:f1:8d:94:de:b3
Signer

Actual PE Digest

8b:ae:d3:c8:4c:8d:3d:48:c0:9a:51:dd:e3:3e:c3:f1:8d:94:de:b3

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
LoadLibraryA
GetProcAddress
GetWindowsDirectoryW
lstrcatW
CreateFileW
GetCommProperties
SetHandleCount
SetThreadExecutionState
IsBadWritePtr
EraseTape
GetConsoleAliasExesW
IsBadReadPtr
GetDiskFreeSpaceW
CreateJobObjectW
lstrcpyA
UnlockFile
SetConsoleActiveScreenBuffer
ScrollConsoleScreenBufferW
GlobalMemoryStatus
SetHandleInformation
BuildCommDCBAndTimeoutsW
SizeofResource
Module32FirstW
SetConsoleCursorInfo
HeapFree
GetHandleInformation
PurgeComm
CreateMutexA
GetPrivateProfileStructW
LockFile
LCMapStringA
SetCalendarInfoW
CancelDeviceWakeupRequest
MoveFileWithProgressW
WritePrivateProfileSectionW
GlobalAddAtomA
BackupRead
GlobalDeleteAtom
AssignProcessToJobObject
GetConsoleAliasesLengthA
FoldStringW
FreeLibraryAndExitThread
GetSystemPowerStatus
GetOEMCP
GetCurrentThread
BuildCommDCBAndTimeoutsA
PeekNamedPipe
IsBadStringPtrA
GenerateConsoleCtrlEvent
GetThreadLocale
GetDriveTypeW
SetFileAttributesW
ReadProcessMemory
EndUpdateResourceA
SetCommBreak
GetTempPathA
ClearCommError
GetComputerNameW
SetConsoleTitleA
WriteProfileStringW
SetFilePointerEx
InterlockedCompareExchange
GlobalGetAtomNameA
lstrlenA
OutputDebugStringA
Heap32First
GetCurrentDirectoryW
GlobalAlloc
GetNumberOfConsoleMouseButtons
ReadConsoleOutputA
OpenProcess
GetSystemInfo
PeekConsoleInputA
SetVolumeMountPointA
GetTempFileNameW
SetProcessWorkingSetSize
GlobalHandle
GetLogicalDriveStringsA
SetDefaultCommConfigA
Process32Next
FindNextVolumeMountPointW
IsDebuggerPresent
AllocConsole
GetConsoleScreenBufferInfo
UnmapViewOfFile
Process32NextW
EnumSystemCodePagesA
GetCommandLineA
GetLogicalDriveStringsW
WritePrivateProfileStructW
GetPrivateProfileStringW
GetVolumePathNameW
FindCloseChangeNotification
CreateEventA
GetConsoleTitleW

user32

SetClassLongA
PostQuitMessage
DefWindowProcA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExA
CreateDialogParamA
GetWindowTextLengthA
ToAscii
SetWinEventHook
ScrollWindowEx
mouse_event
IsCharLowerW
LoadCursorFromFileW
SetDeskWallpaper
GetClipboardSequenceNumber
OpenIcon
ChangeMenuA
GetKeyboardLayoutList
GetMenuDefaultItem
IsWindowEnabled
UnhookWindowsHook
DrawEdge
FindWindowExW
TrackPopupMenu
MonitorFromRect
IsRectEmpty
DdeQueryStringA
EnumDisplaySettingsW
IMPSetIMEW
GetSystemMenu
ShowCursor
GetWindowPlacement
CreateIconIndirect
GetClipboardViewer
GetUserObjectSecurity
SetWindowsHookW
GetQueueStatus
MessageBoxIndirectA
EnumThreadWindows
GetWindowTextLengthW
LoadMenuIndirectA
CheckDlgButton
GetWindowRect
GetCursor
EnableMenuItem
InvertRect
EnumDesktopsW
WaitMessage
ScrollDC
EnumPropsA
ChangeMenuW
GetForegroundWindow
DdeFreeStringHandle
GetSysColorBrush
AllowSetForegroundWindow
AppendMenuA
CopyImage
GetUserObjectInformationA
FindWindowW
GetKeyboardLayout
OpenDesktopA
CreateDialogIndirectParamW
OemKeyScan
ChildWindowFromPoint
GetCursorInfo
CreateCursor
GetWindowRgn
GetShellWindow
EnumWindows
RegisterDeviceNotificationA
GetMessagePos
SetProcessWindowStation
GetClassLongW
IMPGetIMEW
WaitForInputIdle
ShowOwnedPopups
GetInputState
GetGuiResources
CascadeWindows
RegisterShellHookWindow
GetTitleBarInfo
SetShellWindow
SetSysColors
GetIconInfo
EndDeferWindowPos
LoadStringW
UpdateLayeredWindow
CharLowerBuffW
GetClipboardFormatNameA
ChildWindowFromPointEx
CharPrevExA
GetNextDlgTabItem
SystemParametersInfoA

gdi32

GetStockObject
DeleteObject
CreateSolidBrush

msvcrt

memset

advapi32

RegOpenKeyExW

shell32

DragQueryFile
FindExecutableA
SHFreeNameMappings
DuplicateIcon
ExtractIconExW
SHGetDataFromIDListA
SHGetDesktopFolder
DoEnvironmentSubstW
SHInvokePrinterCommandW
SHLoadInProc
SHGetPathFromIDListA
SHGetDiskFreeSpaceExW
SHQueryRecycleBinW
ShellHookProc
WOWShellExecute
ShellAboutW
SHGetFileInfoA
SHEmptyRecycleBinA
Shell_NotifyIconW
ShellExecuteW
ExtractAssociatedIconExW
SHFileOperationA
SHGetInstanceExplorer
SHGetFolderPathW
SHGetIconOverlayIndexW
SHFormatDrive
SHGetFolderLocation
ShellExecuteExW
SHIsFileAvailableOffline
SHLoadNonloadedIconOverlayIdentifiers
SHCreateDirectoryExW
DragQueryFileW
SHPathPrepareForWriteA
SHGetSpecialFolderPathW
ExtractAssociatedIconExA
SHGetPathFromIDList
SHChangeNotify
SHAddToRecentDocs
SHGetFileInfo
SHGetSpecialFolderLocation
SHBrowseForFolderW
ExtractIconEx
SHBrowseForFolder
ShellExecuteA
ExtractIconExA
SHCreateProcessAsUserW
SHGetIconOverlayIndexA
SHQueryRecycleBinA
Shell_NotifyIcon
ShellExecuteEx
SHAppBarMessage
SHBrowseForFolderA
SHEmptyRecycleBinW

shlwapi

StrCmpNIW
StrRChrIW
StrChrW
StrCmpNA
StrCmpNIA
StrChrIA
StrRChrA
StrRChrIA
StrRChrW
StrStrIA
StrRStrIA
StrChrA

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5138b605466ce8aa0e875e1dbaaf4ce6

Code Sign

75:91:42:63:ff:a9:e8:96:43:f2:4e:77:74:da:b6:ceCertificate

Extended Key Usages

8b:ae:d3:c8:4c:8d:3d:48:c0:9a:51:dd:e3:3e:c3:f1:8d:94:de:b3Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

shell32

shlwapi

Sections

.text Size: 155KB - Virtual size: 154KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

75:91:42:63:ff:a9:e8:96:43:f2:4e:77:74:da:b6:ce
Certificate

8b:ae:d3:c8:4c:8d:3d:48:c0:9a:51:dd:e3:3e:c3:f1:8d:94:de:b3
Signer

.text
Size: 155KB - Virtual size: 154KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB