JaffaCakes118_0ae86d6b04cc559cc4ef71d68fa4f71b

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_0ae86d6b04cc559cc4ef71d68fa4f71b
Size

260KB
MD5

0ae86d6b04cc559cc4ef71d68fa4f71b
SHA1

21dc87a4e1df1dede9325422944572af9ee50290
SHA256

1035e341f2a91f32e50e238d3a076b8621c3b93fdf9e63ce8bd483c3cc31212f
SHA512

6a619deddd71a6a883112ad7fa4f185748f14d8838d3354256f1b2efaece7413a7c8d955609cdf4cc352dd5de21bc826318b471591275d2aa58b98f3ef9615a3
SSDEEP

6144:+PMXuq6bpeV7ZDcjdm1ySI9bQbQteetyfZ:DXcl47Z++ySIRQbSeayfZ

Score

1^/10

Malware Config

Signatures

Files

JaffaCakes118_0ae86d6b04cc559cc4ef71d68fa4f71b
.exe windows:4 windows x86 arch:x86

4e058e84574ba863884851a1fe2ae795

Code Sign

16:4e:c6:23:3b:6c:10:3d:18:9c:ea:22:1c:18:f5:70
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

20-04-2011 00:00

Not After

10-05-2013 23:59

Subject

CN=SuperAdBlocker.com,OU=SECURE APPLICATION DEVELOPMENT,O=SuperAdBlocker.com,L=Eugene,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f0:b4:b1:7d:e0:95:93:24:33:d3:38:26:e2:2b:56:ff:8c:41:36:d6
Signer

Actual PE Digest

f0:b4:b1:7d:e0:95:93:24:33:d3:38:26:e2:2b:56:ff:8c:41:36:d6

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
lstrcmpiA
GetTimeFormatW
CreateNamedPipeA
CreateMailslotW
GetExitCodeThread
GetProcAddress
FindAtomW
CreateEventW
GetLocaleInfoA
GetModuleFileNameW
FileTimeToDosDateTime
lstrcpy
GetTimeFormatA
GetProcessHeaps
CreateSemaphoreW
SetLocaleInfoA
ConnectNamedPipe
OpenFile
LoadLibraryW
IsBadStringPtrW
EnumDateFormatsA
GlobalGetAtomNameA
DeleteAtom
GetDiskFreeSpaceW
FindResourceW
GetExpandedNameA
OpenSemaphoreW
GetVolumeInformationA
EnumTimeFormatsA
lstrcmpiW
GetStartupInfoW
GetTempPathW
IsBadCodePtr
QueryPerformanceFrequency
GetLongPathNameA
lstrcmpW
LoadResource
RemoveDirectoryW
EnumDateFormatsW
SetUnhandledExceptionFilter
GetLogicalDriveStringsA
LoadLibraryA
GetAtomNameA
GetLocaleInfoW
RaiseException
lstrcmpi
GetExpandedNameW
GetDateFormatW
CreateEventA
GetCurrentThreadId
FileTimeToSystemTime
MultiByteToWideChar
GetThreadPriority
lstrlenW
DisconnectNamedPipe
OpenWaitableTimerA
GetLastError
TlsAlloc
GetCurrentThread
GetFullPathNameA
SetCurrentDirectoryA
lstrlen
SearchPathW
ReplaceFileW
GetFileAttributesW
SetCalendarInfoA
GlobalDeleteAtom
GetComputerNameA
lstrlenA
GlobalFindAtomW
EnumCalendarInfoA
SetComputerNameW
CreateMailslotA
HeapCreate
OpenWaitableTimerW
BeginUpdateResourceA
GetModuleFileNameA
GetHandleInformation
GlobalFindAtomA
LoadLibraryA
GetMailslotInfo
GetFileAttributesA
OpenEventA
GetEnvironmentVariableW
GetEnvironmentVariableA
GetSystemDefaultLangID
DosDateTimeToFileTime
IsBadWritePtr
GetWindowsDirectoryW
CopyFileExA
GetLogicalDrives
Sleep
GetCalendarInfoA
CreateDirectoryA
BeginUpdateResourceW
GetEnvironmentStringsW
GetSystemDefaultLCID
CreateMutexW
CompareFileTime
GetCurrentDirectoryA
GetNumberFormatA
FindResourceA
ExpandEnvironmentStringsW
CreateNamedPipeW
GetLogicalDriveStringsW
SleepEx
GetVersionExW
FatalAppExitW
GetShortPathNameW
OpenMutexA
GetExitCodeProcess
FatalAppExitA
GetModuleHandleA
lstrcmpA
lstrcmp

user32

GetMenuItemCount
PeekMessageA
SetActiveWindow
DestroyCursor
CreateDialogIndirectParamA
CreateMenu
TrackPopupMenu
MoveWindow
RegisterClassA
InsertMenuA
IsWindow
ShowCursor
LoadBitmapA
CreateWindowExA
RegisterWindowMessageA
UnregisterClassW
GetSystemMetrics
InvalidateRect
DefWindowProcA
LoadMenuA
CharLowerW
FindWindowA
SetWindowPos
EndDialog
SetDlgItemInt
CreateWindowExW
CreateDesktopW
GetMenuItemID
PostQuitMessage
SetCursor
GetMessageW
RegisterWindowMessageW
ShowWindow
EnableMenuItem
PostMessageA
SetParent
AppendMenuA
RemoveMenu
CharUpperA
wvsprintfA
LoadImageW
OffsetRect
GetSysColor
FindWindowW
CharPrevW
GetMessageA
AdjustWindowRect
IsMenu
SetForegroundWindow
EnableWindow
SendDlgItemMessageW
MonitorFromRect
CharNextW
CreateDialogParamW
DefWindowProcW
GetCaretPos
GetDlgItemTextW
DialogBoxIndirectParamW
EnumWindows
UnregisterClassA
GetFocus
MessageBoxW
GetActiveWindow
CharLowerA
SetCursorPos
GetMenuStringA
SendDlgItemMessageA
GetClassInfoExW
InvalidateRgn
IsChild
GetMenuStringW
LoadIconW
GetTopWindow
CreateDesktopA
EmptyClipboard
SetCapture
SetDlgItemTextA
GetDCEx
GetSubMenu
GetSysColorBrush
DestroyIcon
CreatePopupMenu
MessageBoxIndirectW
keybd_event
GetClassInfoA
SetDlgItemTextW
LoadBitmapW
LoadMenuW
CopyRect
CharNextA
RegisterClassExW
GetClassInfoExA
GetAsyncKeyState
CreateDialogParamA
InsertMenuItemA
GetCapture
GetClassInfoW
GetDlgItemTextA
GetKeyboardLayout
LoadIconA
MonitorFromPoint
GetActiveWindow
wvsprintfW
GetForegroundWindow
GetScrollPos
LoadMenuIndirectW
PeekMessageW
LoadImageA
InsertMenuItemW
MessageBoxIndirectA
WaitForInputIdle

gdi32

SetEnhMetaFileBits
CreatePalette
AddFontResourceW
CreateDIBSection
CreateMetaFileA
CreateSolidBrush
CreateDIBPatternBrushPt
DeleteObject
CreateFontA
CreatePolyPolygonRgn
CreateBrushIndirect
GetMetaFileW
CreatePen
GetTextExtentPointA
GdiGetBatchLimit
StretchDIBits
CreateFontW
CreateICA
AddFontResourceA
CreateMetaFileW
CreateFontIndirectA
SelectBrushLocal
CreateScalableFontResourceW
SetWinMetaFileBits
TranslateCharsetInfo
GetStockObject
RemoveFontResourceExW
UpdateICMRegKeyW
UpdateICMRegKeyA
CreateDIBPatternBrush
CreateFontIndirectExA
CreateICW

advapi32

LsaCreateTrustedDomain
IsValidSecurityDescriptor
ConvertSDToStringSDRootDomainA
GetInformationCodeAuthzLevelW
AccessCheckByTypeResultListAndAuditAlarmByHandleA
CreatePrivateObjectSecurityEx
CryptImportKey
CreateServiceA
WmiDevInstToInstanceNameW
LookupPrivilegeDisplayNameW
AccessCheckAndAuditAlarmA
QueryAllTracesA

shell32

ShellExecuteEx

shlwapi

SHOpenRegStreamW
PathIsPrefixW
UrlApplySchemeW
StrCSpnA
StrTrimW
StrCSpnW
PathIsLFNFileSpecW
PathFindFileNameW
UrlGetLocationW
PathIsFileSpecW
StrCatChainW
StrStrNW
StrRChrW
StrPBrkA
wvnsprintfW
PathParseIconLocationW

setupapi

SetupEnumInfSectionsA
SetupDiSetDeviceRegistryPropertyW

rasmontr

RutlFree
RutlDwordDup

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e058e84574ba863884851a1fe2ae795

Code Sign

16:4e:c6:23:3b:6c:10:3d:18:9c:ea:22:1c:18:f5:70Certificate

Extended Key Usages

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5eCertificate

Extended Key Usages

Key Usages

f0:b4:b1:7d:e0:95:93:24:33:d3:38:26:e2:2b:56:ff:8c:41:36:d6Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

setupapi

rasmontr

Sections

.text Size: 12KB - Virtual size: 12KB

.edata Size: 109KB - Virtual size: 109KB

.rdata Size: 8KB - Virtual size: 13KB

.data Size: 10KB - Virtual size: 210KB

.edata Size: 108KB - Virtual size: 107KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1KB - Virtual size: 4KB

16:4e:c6:23:3b:6c:10:3d:18:9c:ea:22:1c:18:f5:70
Certificate

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

f0:b4:b1:7d:e0:95:93:24:33:d3:38:26:e2:2b:56:ff:8c:41:36:d6
Signer

.text
Size: 12KB - Virtual size: 12KB

.edata
Size: 109KB - Virtual size: 109KB

.rdata
Size: 8KB - Virtual size: 13KB

.data
Size: 10KB - Virtual size: 210KB

.edata
Size: 108KB - Virtual size: 107KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1KB - Virtual size: 4KB