2b415562950f4a41d8bf623f1f275046_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b415562950f4a41d8bf623f1f275046_JaffaCakes118
Size

1.6MB
MD5

2b415562950f4a41d8bf623f1f275046
SHA1

ee6d5f4cde9e79d906344c017f1424ffc2602caa
SHA256

3d2bef498e759b0d776a71e849aaeb89c1c0cc14fe5b0175f060bae5b17a226f
SHA512

ce5d0bc87302a5ec388d6e80555134dd41f0a29e86cabe1906176ce0960a9440c1ad180843c3b06a977728704c37cb257ea1dca04e3264a8d46680785eebc2a6
SSDEEP

24576:S0n585bgyXHZL6728fy7CEASir1IxS55X3PMvx++wIfqjiOjyVf5fu0aF94hcjRA:f85yfyuElN57nVsJ3UoKGzppcHSc

Score

1^/10

Malware Config

Signatures

Files

2b415562950f4a41d8bf623f1f275046_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4a2d484ced71a02cf63844a2fddf9c21

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

79:e2:99:00:6f:7a:e2:5e:06:2b:1a:7a:06:7f:c5:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

05/04/2006, 00:00

Not After

13/04/2009, 23:59

Subject

CN=CyberLink,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=CyberLink,L=Taipei,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

82:fe:40:ec:a0:64:3e:f3:b6:c4:79:d8:44:8a:d1:5f:29:48:f7:57
Signer

Actual PE Digest

82:fe:40:ec:a0:64:3e:f3:b6:c4:79:d8:44:8a:d1:5f:29:48:f7:57

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\Work\Magic\OpenCV\_temp\CV_Rls\CV.pdb

Imports

kernel32

TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FatalAppExitA
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemInfo
CompareStringW
CompareStringA
GetLocaleInfoW
HeapFree
HeapAlloc
ExitProcess
GetModuleHandleA
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetLastError
GetLastError
GetCurrentThread
SetFilePointer
ReadFile
CloseHandle
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetCPInfo
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetACP
GetOEMCP
VirtualProtect
CreateFileA
SetStdHandle
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
GetTimeZoneInformation
SetEndOfFile
SetEnvironmentVariableA

user32

wsprintfA
MessageBoxA

Exports

Exports

??0CvCamShiftTracker@@QAE@ABV0@@Z
??0CvCamShiftTracker@@QAE@XZ
??0CvImage@@QAE@UCvSize@@HH@Z
??0CvImage@@QAE@XZ
??1CvCamShiftTracker@@UAE@XZ
??1CvImage@@QAE@XZ
??4CvCamShiftTracker@@QAEAAV0@ABV0@@Z
??4CvImage@@QAEAAU0@ABU0@@Z
??_7CvCamShiftTracker@@6B@
?byte_per_pixel@CvImage@@QBEHXZ
?color_transform@CvCamShiftTracker@@MAEXPBU_IplImage@@@Z
?copy@CvImage@@QAEAAU1@ABU1@@Z
?get_back_project@CvCamShiftTracker@@UAEPAU_IplImage@@XZ
?get_center@CvCamShiftTracker@@QBE?AUCvPoint2D32f@@XZ
?get_hist_dims@CvCamShiftTracker@@QBEHPAH@Z
?get_length@CvCamShiftTracker@@QBEMXZ
?get_max_ch_val@CvCamShiftTracker@@QBEHH@Z
?get_min_ch_val@CvCamShiftTracker@@QBEHH@Z
?get_orientation@CvCamShiftTracker@@QBEMXZ
?get_threshold@CvCamShiftTracker@@QBEHXZ
?get_width@CvCamShiftTracker@@QBEMXZ
?get_window@CvCamShiftTracker@@QBE?AUCvRect@@XZ
?image_data@CvImage@@QAEPAEXZ
?image_data@CvImage@@QBEPBEXZ
?image_roi_size@CvImage@@QBE?AUCvSize@@XZ
?query@CvCamShiftTracker@@QBEMPAH@Z
?reset_histogram@CvCamShiftTracker@@UAEXXZ
?set_hist_bin_range@CvCamShiftTracker@@QAE_NHHH@Z
?set_hist_dims@CvCamShiftTracker@@QAE_NHPAH@Z
?set_max_ch_val@CvCamShiftTracker@@QAE_NHH@Z
?set_min_ch_val@CvCamShiftTracker@@QAE_NHH@Z
?set_threshold@CvCamShiftTracker@@QAE_NH@Z
?set_window@CvCamShiftTracker@@QAE_NUCvRect@@@Z
?track_object@CvCamShiftTracker@@UAE_NPBU_IplImage@@@Z
?update_histogram@CvCamShiftTracker@@UAE_NPBU_IplImage@@@Z
cvAbsDiff
cvAbsDiffS
cvAcc
cvAdaptiveThreshold
cvAdd
cvAddS
cvAddWeighted
cvAlloc
cvAnd
cvAndS
cvApproxChains
cvApproxPoly
cvArcLength
cvAttrValue
cvAvg
cvAvgSdv
cvBoundingRect
cvBoxPoints
cvCalcAffineFlowPyrLK
cvCalcArrBackProject
cvCalcArrBackProjectPatch
cvCalcArrHist
cvCalcBayesianProb
cvCalcCovarMatrix
cvCalcCovarMatrixEx
cvCalcDecompCoeff
cvCalcEMD2
cvCalcEigenObjects
cvCalcGlobalOrientation
cvCalcImageHomography
cvCalcMotionGradient
cvCalcOpticalFlowBM
cvCalcOpticalFlowHS
cvCalcOpticalFlowLK
cvCalcOpticalFlowPyrLK
cvCalcPGH
cvCalcProbDensity
cvCalcSubdivVoronoi2D
cvCalibrateCamera
cvCalibrateCamera_64d
cvCamShift
cvCanny
cvCartToPolar
cvChangeSeqBlock
cvCheckArr
cvCheckContourConvexity
cvCircle
cvCircleAA
cvClearGraph
cvClearHist
cvClearMemStorage
cvClearND
cvClearSeq
cvClearSet
cvClearSubdivVoronoi2D
cvClone
cvCloneGraph
cvCloneImage
cvCloneMat
cvCloneMatND
cvCloneSparseMat
cvCmp
cvCmpS
cvCompareHist
cvComputeCorrespondEpilines
cvConDensInitSampleSet
cvConDensUpdateByTime
cvContourArea
cvContourFromContourTree
cvConvertMap
cvConvertScale
cvConvertScaleAbs
cvConvexHull2
cvConvexityDefects
cvCopy
cvCopyHist
cvCornerEigenValsAndVecs
cvCornerMinEigenVal
cvCountNonZero
cvCreate2DHMM
cvCreateChildMemStorage
cvCreateConDensation
cvCreateContourTree
cvCreateData
cvCreateGraph
cvCreateHandMask
cvCreateHist
cvCreateImage
cvCreateImageHeader
cvCreateKalman
cvCreateMat
cvCreateMatHeader
cvCreateMatND
cvCreateMatNDHeader
cvCreateMemStorage
cvCreateObsInfo
cvCreatePOSITObject
cvCreateSeq
cvCreateSeqBlock
cvCreateSet
cvCreateSparseMat
cvCreateStructuringElementEx
cvCreateSubdiv2D
cvCrossProduct
cvCvtColor
cvCvtPixToPlane
cvCvtPlaneToPix
cvCvtSeqToArray
cvDCT
cvDFT
cvDeleteMoire
cvDet
cvDilate
cvDistTransform
cvDiv
cvDotProduct
cvDrawContours
cvDynamicCorrespondMulti
cvEViterbi
cvEigenDecomposite
cvEigenProjection
cvEigenVV
cvEllipse
cvEllipseAA
cvEndFindContours
cvEndProfile
cvEndScanGraph
cvEndWriteSeq
cvEndWriteStruct
cvErode
cvError
cvErrorStr
cvEstimateHMMStateParams
cvEstimateObsProb
cvEstimateTransProb
cvExp
cvFillConvexPoly
cvFillInternalFuncsTable
cvFillPoly
cvFindChessBoardCornerGuesses
cvFindContours
cvFindCornerSubPix
cvFindExtrinsicCameraParams
cvFindExtrinsicCameraParams_64d
cvFindFundamentalMat
cvFindGraphEdge
cvFindGraphEdgeByPtr
cvFindHandRegion
cvFindHandRegionA
cvFindNearestPoint2D
cvFindNextContour
cvFindRuns
cvFindType
cvFirstType
cvFitEllipse2
cvFitLine
cvFlip
cvFloodFill
cvFlushSeqWriter
cvFree
cvFreeLibHandle
cvGEMM
cvGet1D
cvGet2D
cvGet3D
cvGetCallStack
cvGetCentralMoment
cvGetCols
cvGetDiag
cvGetDimSize
cvGetDims
cvGetElemType
cvGetErrMode
cvGetErrStatus
cvGetFileNode
cvGetHuMoments
cvGetImage
cvGetImageCOI
cvGetImageROI
cvGetLibraryInfo
cvGetMat
cvGetMinMaxHistValue
cvGetND
cvGetNormalizedCentralMoment
cvGetQuadrangleSubPix
cvGetRawData
cvGetReal1D
cvGetReal2D
cvGetReal3D
cvGetRealND
cvGetRectSubPix
cvGetRows
cvGetSeqElem
cvGetSeqReaderPos
cvGetSetElem
cvGetSize
cvGetSpatialMoment
cvGetSubRect
cvGetTextSize
cvGoodFeaturesToTrack
cvGraphAddEdge
cvGraphAddEdgeByPtr
cvGraphAddVtx
cvGraphRemoveEdge
cvGraphRemoveEdgeByPtr
cvGraphRemoveVtx
cvGraphRemoveVtxByPtr
cvGraphVtxDegree
cvGraphVtxDegreeByPtr
cvGuiBoxReport
cvHoughLines2
cvImgToObs_DCT
cvInRange
cvInRangeS
cvInitFont
cvInitImageHeader
cvInitLineIterator
cvInitMatHeader
cvInitMatNDHeader
cvInitMixSegm
cvInitSparseMatIterator
cvInitSubdivDelaunay2D
cvInitTreeNodeIterator
cvInsertNodeIntoTree
cvIntegral
cvInvert
cvKMeans2
cvKalmanCorrect
cvKalmanPredict
cvLUT
cvLaplace
cvLine
cvLineAA
cvLoadPrimitives
cvLog
cvMahalanobis
cvMake2DPoints
cvMake3DPoints
cvMakeAlphaScanlines
cvMakeHistHeaderForArray
cvMakeScanlines
cvMakeSeqHeaderForArray
cvMatMulAdd
cvMatMulAddS
cvMatchContourTrees
cvMatchShapes
cvMatchTemplate
cvMax
cvMaxRect
cvMaxS
cvMeanShift
cvMemStorageAlloc
cvMin
cvMinAreaRect2
cvMinEnclosingCircle
cvMinMaxLoc
cvMinS
cvMixSegmL2
cvMoments
cvMorphEpilinesMulti
cvMorphologyEx
cvMul
cvMulCcs
cvMulTransposed
cvMultiplyAcc
cvNextGraphItem
cvNextTreeNode
cvNorm
cvNormalizeHist
cvNot
cvNulDevReport
cvOpenFileStorage
cvOr
cvOrS
cvPOSIT
cvPartitionSeq
cvPerspectiveTransform
cvPolarToCart
cvPolyLine
cvPolyLineAA
cvPostWarpImage
cvPow
cvPreCornerDetect
cvPreWarpImage
cvPrevTreeNode
cvProject3D
cvProjectPoints
cvProjectPointsSimple
cvPtr1D
cvPtr2D
cvPtr3D
cvPtrND
cvPutText
cvPyrDown
cvPyrSegmentation
cvPyrUp
cvRand
cvRandInit
cvRandSetRange
cvRawDataToScalar
cvReadChainPoint
cvReadElem
cvReadFileNode
cvRectangle
cvRedirectError
cvRegisterType
cvRelease
cvRelease2DHMM
cvReleaseConDensation
cvReleaseData
cvReleaseFileStorage
cvReleaseHist
cvReleaseImage
cvReleaseImageHeader
cvReleaseKalman
cvReleaseMat
cvReleaseMemStorage
cvReleaseObsInfo
cvReleasePOSITObject
cvReleaseSparseMat
cvReleaseStructuringElement
cvRemoveNodeFromTree
cvRemoveProfile
cvRepeat
cvResetImageROI
cvReshape
cvReshapeMatND
cvResize
cvRestoreMemStoragePos
cvRodrigues
cvRunningAvg
cvSVBkSb
cvSVD
cvSampleLine
cvSaveMemStoragePos
cvScalarToRawData
cvScaleAdd
cvSegmentMotion
cvSeqElemIdx
cvSeqInsert
cvSeqInsertSlice
cvSeqInvert
cvSeqPop
cvSeqPopFront
cvSeqPopMulti
cvSeqPush
cvSeqPushFront
cvSeqPushMulti
cvSeqRemove
cvSeqRemoveSlice
cvSeqSlice
cvSeqSort
cvSet
cvSet1D
cvSet2D
cvSet3D
cvSetAdd
cvSetData
cvSetErrMode
cvSetErrStatus
cvSetHistBinRanges
cvSetIPLAllocators
cvSetIdentity
cvSetImageCOI
cvSetImageROI
cvSetMemoryManager
cvSetND
cvSetProfile
cvSetReal1D
cvSetReal2D
cvSetReal3D
cvSetRealND
cvSetRemove
cvSetSeqBlockSize
cvSetSeqReaderPos
cvSetZero
cvSmooth
cvSnakeImage
cvSobel
cvSolve
cvSolveCubic
cvSquareAcc
cvStartAppendToSeq
cvStartFindContours
cvStartProfile
cvStartReadChainPoints
cvStartReadSeq
cvStartScanGraph
cvStartWriteSeq
cvStartWriteStruct
cvStdErrReport
cvSub
cvSubRS
cvSubdiv2DLocate
cvSubdivDelaunay2DInsert
cvSubstituteContour
cvSum
cvThreshHist
cvThreshold
cvTrace
cvTranspose
cvTreeToNodeSeq
cvTypeOf
cvUnDistort
cvUnDistortInit
cvUnDistortOnce
cvUniformImgSegm
cvUnregisterType
cvUpdateMotionHistory
cvWrite
cvWriteElem
cvXor
cvXorS

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a2d484ced71a02cf63844a2fddf9c21

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

79:e2:99:00:6f:7a:e2:5e:06:2b:1a:7a:06:7f:c5:48Certificate

Extended Key Usages

Key Usages

82:fe:40:ec:a0:64:3e:f3:b6:c4:79:d8:44:8a:d1:5f:29:48:f7:57Signer

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 132KB - Virtual size: 131KB

.data Size: 24KB - Virtual size: 37KB

_RDATA Size: 40KB - Virtual size: 36KB

.data1 Size: 4KB - Virtual size: 24B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 52KB - Virtual size: 49KB

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

79:e2:99:00:6f:7a:e2:5e:06:2b:1a:7a:06:7f:c5:48
Certificate

82:fe:40:ec:a0:64:3e:f3:b6:c4:79:d8:44:8a:d1:5f:29:48:f7:57
Signer

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 132KB - Virtual size: 131KB

.data
Size: 24KB - Virtual size: 37KB

_RDATA
Size: 40KB - Virtual size: 36KB

.data1
Size: 4KB - Virtual size: 24B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 52KB - Virtual size: 49KB