521f5b9a0aae4088a76794d0562ddfbc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

521f5b9a0aae4088a76794d0562ddfbc_JaffaCakes118
Size

204KB
MD5

521f5b9a0aae4088a76794d0562ddfbc
SHA1

395bd3cc6ae1bb6071afceea135b408cc9689110
SHA256

bff100497d3eb66ce48e7671fda3cd3436ad1f16d3d6cfea2cbcf28bcb2e993d
SHA512

e1cdc6a26134acf394511f6728ebe5094891c95365aa5649dd2c74b497485247fdcb36e66e3a1c450ccf86ff004011f863d77141fd98038b93b354eebf047be9
SSDEEP

3072:ULpHMexlVPdhs/O4EmwFD3FxPl15A72bbuaa/Wmu5GDSySC1bx2LmZ:ULFxxk/wzZ3Pl+22aa/pjj5o0

Score

1^/10

Malware Config

Signatures

Files

521f5b9a0aae4088a76794d0562ddfbc_JaffaCakes118
.dll windows:5 windows x86 arch:x86

6e36696063ffeada0805f8dfdafc97ef

Code Sign

69:9d:1f:67:c2:f1:c4:4c:b9:38:42:69:f1:79:93:0e
Certificate

Issuer

CN=666666

Not Before

12/02/2012, 08:59

Not After

31/12/2039, 23:59

Subject

CN=666666

Extended Key Usages

ExtKeyUsageCodeSigning

cb:14:cb:76:6a:22:29:47:da:ba:53:fb:83:dc:33:4f:51:80:03:f1
Signer

Actual PE Digest

cb:14:cb:76:6a:22:29:47:da:ba:53:fb:83:dc:33:4f:51:80:03:f1

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryW
VirtualAlloc

user32

LoadAcceleratorsW

ole32

BindMoniker
CLSIDFromProgIDEx
CoAddRefServerProcess
CoAllowSetForegroundWindow
CoCreateFreeThreadedMarshaler
CoEnableCallCancellation
CoFreeLibrary
CoGetCallerTID
CoGetCancelObject
CoGetCurrentProcess
CoGetMalloc
CoGetStandardMarshal
CoGetTreatAsClass
CoInitializeSecurity
CoInitializeWOW
CoLockObjectExternal
CoQueryClientBlanket
CoReactivateObject
CoRegisterPSClsid
CoRegisterSurrogateEx
CoResumeClassObjects
CoRevertToSelf
CoRevokeClassObject
CoSetCancelObject
CoTaskMemAlloc
CoTaskMemRealloc
CoTreatAsClass
CoUninitialize
CreateDataCache
CreateFileMoniker
CreateOleAdviseHolder
CreatePointerMoniker
DcomChannelSetHResult
FreePropVariantArray
GetClassFile
HACCEL_UserUnmarshal
HBITMAP_UserFree
HBITMAP_UserMarshal
HBITMAP_UserSize
HBRUSH_UserUnmarshal
HDC_UserFree
HDC_UserSize
HDC_UserUnmarshal
HENHMETAFILE_UserFree
HGLOBAL_UserSize
HMENU_UserMarshal
HMETAFILEPICT_UserMarshal
HMETAFILE_UserMarshal
HMETAFILE_UserSize
HPALETTE_UserUnmarshal
HWND_UserSize
IsAccelerator
MkParseDisplayName
MonikerRelativePathTo
OleConvertOLESTREAMToIStorage
OleConvertOLESTREAMToIStorageEx
OleCreate
OleCreateEmbeddingHelper
OleCreateFromFile
OleCreateFromFileEx
OleDuplicateData
OleGetAutoConvert
OleLoad
OleLoadFromStream
OleLockRunning
OleRegGetUserType
OleSaveToStream
OleSetAutoConvert
OleSetClipboard
PropVariantClear
ReadStringStream
RegisterDragDrop
SNB_UserMarshal
STGMEDIUM_UserMarshal
StgConvertVariantToProperty
StgCreateStorageEx
StgOpenPropStg
StgOpenStorageEx
StgPropertyLengthAsVariant
StringFromGUID2
UtConvertDvtd32toDvtd16
WdtpInterfacePointer_UserUnmarshal
WriteClassStm
WriteOleStg

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.nnn
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gay5
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gay4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e36696063ffeada0805f8dfdafc97ef

Code Sign

69:9d:1f:67:c2:f1:c4:4c:b9:38:42:69:f1:79:93:0eCertificate

Extended Key Usages

cb:14:cb:76:6a:22:29:47:da:ba:53:fb:83:dc:33:4f:51:80:03:f1Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Sections

.text Size: 4KB - Virtual size: 4KB

.nnn Size: 181KB - Virtual size: 181KB

.data Size: 512B - Virtual size: 200B

.gay5 Size: 1024B - Virtual size: 1000B

.gay4 Size: 1024B - Virtual size: 1000B

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 1024B - Virtual size: 996B

69:9d:1f:67:c2:f1:c4:4c:b9:38:42:69:f1:79:93:0e
Certificate

cb:14:cb:76:6a:22:29:47:da:ba:53:fb:83:dc:33:4f:51:80:03:f1
Signer

.text
Size: 4KB - Virtual size: 4KB

.nnn
Size: 181KB - Virtual size: 181KB

.data
Size: 512B - Virtual size: 200B

.gay5
Size: 1024B - Virtual size: 1000B

.gay4
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 1024B - Virtual size: 996B