3a07dd3c3102cae3b66a616691b39ca0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3a07dd3c3102cae3b66a616691b39ca0_JaffaCakes118
Size

397KB
MD5

3a07dd3c3102cae3b66a616691b39ca0
SHA1

f5352fe5a8ab47f0dff31bd89c295b63ee5bfd51
SHA256

d018bb082d0d768a09a8259bac61bea1f356476ecc3242107ab8241e7cb5fea0
SHA512

194770ebe7633a53ad0cfbd7f8e76f6a5e2d3519891e877a407d7902e8a5f4581fea3869642efb5646bb90665116ea216d04aefb3a90a81eea6ecb96fb772b0b
SSDEEP

12288:yk1Z/NVy6ixxrno8nDzu8MOH8qLsAQsnY:3NVixtDzIOHLTnY

Score

1^/10

Malware Config

Signatures

Files

3a07dd3c3102cae3b66a616691b39ca0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b269ac758aa8494c82052cfa1b21a0a

Code Sign

30:46:0e:c4:18:4e:07:a6:4e:a3:95:6a:0c:50:19:94
Certificate

Issuer

CN=Root Agency

Not Before

28-10-2011 07:40

Not After

31-12-2039 23:59

Subject

CN=Joe's-Software-Emporium

56:78:f2:90:75:7b:aa:b6:66:60:43:10:6e:05:ae:80:a6:3f:86:a8
Signer

Actual PE Digest

56:78:f2:90:75:7b:aa:b6:66:60:43:10:6e:05:ae:80:a6:3f:86:a8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glTexCoord2sv
glTexCoord3s
glPushName
glPopClientAttrib
glColor4dv
glColor3ubv
glDrawArrays

glu32

gluDeleteNurbsRenderer
gluTessVertex
gluQuadricOrientation
gluBeginCurve
gluTessCallback
gluNurbsCallback
gluNewTess
gluGetTessProperty

oleaut32

VarFormat

advapi32

RegOverridePredefKey
RegUnLoadKeyA
RegNotifyChangeKeyValue
RegOpenKeyExA
RegCreateKeyExA
RegCreateKeyA
RegLoadKeyA

urlmon

CreateFormatEnumerator

msvcrt

__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_initterm

kernel32

CreateFileA
GetProfileSectionA
GetLastError
GetProcAddress
GetModuleHandleA
VirtualAlloc
ExitProcess
GetStartupInfoA
CloseHandle
GetPrivateProfileStructA
GetProfileIntA
IsBadCodePtr
GetCPInfoExA
GetACP
FoldStringA
CompareStringA
GetCurrencyFormatA

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 375KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b269ac758aa8494c82052cfa1b21a0a

Code Sign

30:46:0e:c4:18:4e:07:a6:4e:a3:95:6a:0c:50:19:94Certificate

56:78:f2:90:75:7b:aa:b6:66:60:43:10:6e:05:ae:80:a6:3f:86:a8Signer

Headers

File Characteristics

Imports

opengl32

glu32

oleaut32

advapi32

urlmon

msvcrt

kernel32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 375KB - Virtual size: 444KB

.rsrc Size: 5KB - Virtual size: 5KB

30:46:0e:c4:18:4e:07:a6:4e:a3:95:6a:0c:50:19:94
Certificate

56:78:f2:90:75:7b:aa:b6:66:60:43:10:6e:05:ae:80:a6:3f:86:a8
Signer

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 375KB - Virtual size: 444KB

.rsrc
Size: 5KB - Virtual size: 5KB