56fc8871e1cd702119e031804bd59909_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

56fc8871e1cd702119e031804bd59909_JaffaCakes118
Size

2.1MB
MD5

56fc8871e1cd702119e031804bd59909
SHA1

a0dc7adc75dbd7c879c2f695bee9fe552caf553e
SHA256

008456ae0813d52c714f9aff9bd7c23d9f0c8e8c7cf1fdc1e83478774d01fce5
SHA512

9a62b54701e3d6638ba61cd385e6001ca6cbaaeb55b4dc598117c70a5e1777ae510eaa568d2bb335f058b11ab118e643e4d12126b5b94ca8b19703aa11893d9d
SSDEEP

49152:BX+0g8m/S+VYhVMsoSCjY0o1iz/zeuxAC9pDy0r:BX+3S+ah4T+IHeuxAKl

Score

1^/10

Malware Config

Signatures

Files

56fc8871e1cd702119e031804bd59909_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f63787a28db9718178a8c12672d6dead

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:fb:d7:58:45:d9:98:f0:9f:1f:a9:56:87:47:41:33
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

19/10/2006, 00:00

Not After

18/10/2008, 23:59

Subject

CN=Logitech Inc,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Corp Signing Cert,O=Logitech Inc,L=Fremont,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:56:f5:d4:7c:e2:ad:f0:92:f3:e6:37:3b:1d:3b:33:e7:84:48:96
Signer

Actual PE Digest

09:56:f5:d4:7c:e2:ad:f0:92:f3:e6:37:3b:1d:3b:33:e7:84:48:96

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Symbols\app\Release\Quickcam.pdb

Imports

winmm

PlaySoundW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

FindNextFileW
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
WritePrivateProfileStringW
SetErrorMode
GetStartupInfoW
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
RtlUnwind
ExitProcess
SetStdHandle
GetFileType
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetCurrentDirectoryA
GetDriveTypeA
CreateFileA
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
lstrlenA
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
CompareStringA
InterlockedExchange
GetModuleHandleA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GetVersion
InterlockedIncrement
CopyFileW
FileTimeToLocalFileTime
SetCurrentDirectoryW
HeapFree
GetProcessHeap
HeapAlloc
GetTempPathW
QueryPerformanceCounter
GetSystemTime
GetCurrentThread
SetThreadExecutionState
GetSystemDirectoryW
ExpandEnvironmentStringsW
OutputDebugStringW
GetShortPathNameW
GlobalGetAtomNameW
GetCurrentProcessId
GetDateFormatW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
CompareFileTime
GetFileSizeEx
GetFileTime
MulDiv
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
SetThreadPriority
WideCharToMultiByte
GetACP
GetLocaleInfoW
lstrcpyW
InterlockedDecrement
Sleep
GetTickCount
FreeResource
LeaveCriticalSection
EnterCriticalSection
ReadDirectoryChangesW
IsBadReadPtr
TerminateThread
DeleteFileW
CreateThread
CreateFileW
GetSystemDefaultLangID
GetFileAttributesW
SetLastError
FormatMessageW
DeleteCriticalSection
CreateProcessW
CreateDirectoryW
GetModuleFileNameW
InitializeCriticalSection
LoadLibraryExW
lstrlenW
MultiByteToWideChar
LoadLibraryW
FreeLibrary
GetLastError
CreateMutexW
GetCommandLineW
WaitForMultipleObjects
lstrcmpiW
GetCurrentProcess
GetVersionExW
GetModuleHandleW
ReleaseMutex
GetProcAddress
OpenProcess
LocalFree
RaiseException
WaitForSingleObject
SetEvent
CloseHandle
CreateEventW
FindResourceW
LoadResource
LockResource
SizeofResource
GetStdHandle

user32

SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
RegisterClipboardFormatW
GetWindowThreadProcessId
GetWindowDC
GrayStringW
DrawTextW
TabbedTextOutW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
CheckMenuItem
ShowWindow
IsDialogMessageW
CheckRadioButton
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetMenu
MessageBoxW
GetClassInfoExW
RegisterClassW
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetMenuState
GetMenuItemInfoW
GetMenuItemCount
LoadIconW
LoadImageW
EnumChildWindows
SetWindowTextW
GetWindowTextW
SetMenuItemInfoW
MessageBeep
EnableMenuItem
SetRect
PeekMessageW
EqualRect
UnregisterHotKey
VkKeyScanW
RegisterHotKey
RemoveMenu
GetActiveWindow
GetSubMenu
IsMenu
LoadMenuW
InsertMenuW
IsWindowEnabled
PostQuitMessage
AppendMenuW
GetSystemMenu
FindWindowW
BroadcastSystemMessageW
ShowScrollBar
RedrawWindow
GetKeyState
IntersectRect
FillRect
SetCursor
LoadCursorW
ReleaseCapture
SetCapture
CreateWindowExW
IsRectEmpty
GetWindowLongW
AdjustWindowRect
DestroyWindow
IsWindowVisible
GetDCEx
SetWindowRgn
OffsetRect
SetRectEmpty
LoadBitmapW
EndPaint
BeginPaint
GetDlgCtrlID
GetWindow
MoveWindow
AdjustWindowRectEx
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
UnregisterClassW
PostThreadMessageW
ClientToScreen
FrameRect
ValidateRect
GetSysColorBrush
DestroyMenu
WindowFromPoint
GetSysColor
CharUpperW
HideCaret
GetCursorPos
SystemParametersInfoW
ReleaseDC
GetDC
DrawFocusRect
CopyRect
UpdateWindow
SetTimer
InvalidateRect
KillTimer
PtInRect
GetParent
DrawTextExW
ScreenToClient
GetMessagePos
GetWindowRect
GetFocus
GetMonitorInfoW
MonitorFromWindow
IsWindow
GetClassInfoW
DefWindowProcW
SetActiveWindow
SetForegroundWindow
CharNextW
SendMessageTimeoutW
RegisterWindowMessageW
DrawIcon
GetClientRect
GetSystemMetrics
SendMessageW
PostMessageW
IsIconic
EnableWindow
GetDesktopWindow
UnregisterClassA
GetMenuItemID

gdi32

SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetMapMode
ExtSelectClipRgn
OffsetViewportOrgEx
GetBkColor
GetTextColor
GetRgnBox
RestoreDC
SaveDC
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
MoveToEx
LineTo
Rectangle
GetStockObject
ExtCreatePen
DeleteObject
CreateBitmap
GetClipBox
StartDocW
AbortDoc
EndDoc
EndPage
GetMapMode
StartPage
GetDeviceCaps
CreatePen
StretchDIBits
SetStretchBltMode
CreateSolidBrush
CreateFontIndirectW
CombineRgn
CreateRoundRectRgn
CreateRectRgn
CreateRectRgnIndirect
CreateFontW
GetObjectW
GetTextExtentPointA
GetTextMetricsA
SetPixel
GetPixel
DeleteDC
StretchBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
SetBkColor
BitBlt
SetTextColor
SetBkMode

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

GetSecurityInfo
RegDeleteKeyW
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyW
CopySid
GetLengthSid
LookupAccountNameW
GetUserNameW
RegDeleteValueW
GetEffectiveRightsFromAclW
BuildTrusteeWithSidW
RegOpenKeyW
RegQueryValueW
RegEnumKeyExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegCloseKey
RegQueryValueExW
RegSetValueExW

shell32

SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteW
Shell_NotifyIconW
ShellExecuteExW
SHGetFolderPathW
SHGetDesktopFolder

comctl32

InitCommonControlsEx
ImageList_Create

shlwapi

PathFileExistsW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
PathStripToRootW
PathAppendW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterClassObject
CoTaskMemRealloc
CoRevokeClassObject
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CLSIDFromProgID
StringFromCLSID
CreateStreamOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
CLSIDFromString
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter

oleaut32

SysStringLen
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VariantChangeType
SysAllocStringLen
DispCallFunc
VariantClear
VariantInit
LoadTypeLi
UnRegisterTypeLi
VarUI4FromStr
SysAllocString
SysFreeString
RegisterTypeLi
GetErrorInfo

gdiplus

GdipLoadImageFromFile
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipCreateBitmapFromStream
GdipDrawImageRectI
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDisposeImage
GdipFillRectangleI
GdipCreateLineBrushFromRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipCloneBrush
GdipDeleteBrush
GdiplusStartup
GdiplusShutdown
GdipGetImageHeight

Sections

.text
Size: 723KB - Virtual size: 722KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1016KB - Virtual size: 1015KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f63787a28db9718178a8c12672d6dead

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

67:fb:d7:58:45:d9:98:f0:9f:1f:a9:56:87:47:41:33Certificate

Extended Key Usages

Key Usages

09:56:f5:d4:7c:e2:ad:f0:92:f3:e6:37:3b:1d:3b:33:e7:84:48:96Signer

Headers

File Characteristics

PDB Paths

Imports

winmm

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

Sections

.text Size: 723KB - Virtual size: 722KB

.rdata Size: 209KB - Virtual size: 208KB

.data Size: 26KB - Virtual size: 55KB

.rsrc Size: 1016KB - Virtual size: 1015KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

67:fb:d7:58:45:d9:98:f0:9f:1f:a9:56:87:47:41:33
Certificate

09:56:f5:d4:7c:e2:ad:f0:92:f3:e6:37:3b:1d:3b:33:e7:84:48:96
Signer

.text
Size: 723KB - Virtual size: 722KB

.rdata
Size: 209KB - Virtual size: 208KB

.data
Size: 26KB - Virtual size: 55KB

.rsrc
Size: 1016KB - Virtual size: 1015KB