1b1c1ed5607807d1fddf7d6b582ef16e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1b1c1ed5607807d1fddf7d6b582ef16e_JaffaCakes118
Size

332KB
MD5

1b1c1ed5607807d1fddf7d6b582ef16e
SHA1

31d2acc0e95a17a3e02eb3c7fb2f0e25f3f206a1
SHA256

3b9aa7594cace9dc8b5d1d479c26553ea38e49a4f9e5690af8552141bee8a4f3
SHA512

eab6141397b35a441f8511c02a7f8ecb33828826adb8ccad9ab64072e3f554f80a10e8c4d87c4091089de2c781c953e540a3241f390cd1f8c153a7ddd1d06c78
SSDEEP

6144:UZB0n9qe61CtJDy0cnICoLyoxGwKeSk5CKNXE6sTOAzLoUqxi38g36g:Kc9QkxNS5oZaeSICKpEBO3UE6r36g

Score

1^/10

Malware Config

Signatures

Files

1b1c1ed5607807d1fddf7d6b582ef16e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

898bc84af352ba4c6cc93141f11dd8e5

Code Sign

45:19:0e:4f:13:f9:06:ac:49:2d:c4:03:0f:9e:7f:69
Certificate

Issuer

CN=Root Agency

Not Before

07/11/2011, 18:50

Not After

19/11/2041, 22:00

Subject

CN=LQC

Extended Key Usages

ExtKeyUsageCodeSigning

3f:e3:84:dd:4a:1f:a5:81:86:90:6d:7b:3c:6d:c4:b6:f9:c3:b8:78
Signer

Actual PE Digest

3f:e3:84:dd:4a:1f:a5:81:86:90:6d:7b:3c:6d:c4:b6:f9:c3:b8:78

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glEvalMesh1
glGetTexParameteriv
glMaterialiv
glMapGrid2f
glTexCoordPointer
glGetLightiv
glColor3bv
glInterleavedArrays
glColor3ubv
glClearDepth

glu32

gluOrtho2D
gluBuild1DMipmaps

ole32

CoLockObjectExternal
CoRegisterSurrogate
CoUnmarshalInterface
CoTaskMemFree
CoFileTimeNow
OleGetAutoConvert
OleRegGetMiscStatus
CoMarshalHresult
CoIsHandlerConnected

comctl32

ord5
ord17
CreateToolbarEx
ord6

urlmon

CreateFormatEnumerator

shlwapi

StrRStrIW
StrCSpnW
StrRChrW
StrStrA

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_controlfp
_exit
_XcptFilter

kernel32

HeapSize
ReleaseMutex
GetTimeFormatA
GetSystemDefaultLangID
CreateMutexA
GetStartupInfoA
ExitProcess
GetProcAddress
GetModuleHandleA
GetTickCount
GetCurrencyFormatA
LocalUnlock
GlobalSize

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 507KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pji
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

znzmy
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

898bc84af352ba4c6cc93141f11dd8e5

Code Sign

45:19:0e:4f:13:f9:06:ac:49:2d:c4:03:0f:9e:7f:69Certificate

Extended Key Usages

3f:e3:84:dd:4a:1f:a5:81:86:90:6d:7b:3c:6d:c4:b6:f9:c3:b8:78Signer

Headers

File Characteristics

Imports

opengl32

glu32

ole32

comctl32

urlmon

shlwapi

msvcrt

kernel32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 507KB

pji Size: 214KB - Virtual size: 213KB

znzmy Size: 83KB - Virtual size: 82KB

.tls Size: 512B - Virtual size: 4B

.rsrc Size: 16KB - Virtual size: 15KB

45:19:0e:4f:13:f9:06:ac:49:2d:c4:03:0f:9e:7f:69
Certificate

3f:e3:84:dd:4a:1f:a5:81:86:90:6d:7b:3c:6d:c4:b6:f9:c3:b8:78
Signer

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 507KB

pji
Size: 214KB - Virtual size: 213KB

znzmy
Size: 83KB - Virtual size: 82KB

.tls
Size: 512B - Virtual size: 4B

.rsrc
Size: 16KB - Virtual size: 15KB