3abad7c8479d37e041f16451a173df05_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3abad7c8479d37e041f16451a173df05_JaffaCakes118
Size

109KB
MD5

3abad7c8479d37e041f16451a173df05
SHA1

ad850b477e61ac659f8cb7ac68e00347045b4cf4
SHA256

6196cfbeee5853b09099fa8a761298c08fa50872c8779f6570756e23735c82bc
SHA512

30aaea7b95563008008f03bc1655d79c87a09de3d8605ca7dafd89c89b380c8e31abcd3e6600ae879f7e2c31e96deca7a348f1cda26b9b94dc194cec8604e2bd
SSDEEP

3072:B608fOpJZkZZcrponn3svEqILV0uVoSMGCDGWI9H6T:zkZZxMfuVoSj6IH6T

Score

1^/10

Malware Config

Signatures

Files

3abad7c8479d37e041f16451a173df05_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ee9b6cb8a399d3328a73ddea3d3c2a7

Code Sign

6d:bf:22:f9:41:d4:17:bb:44:54:f1:5a:f4:b9:f0:7c
Certificate

Issuer

CN=Root Agency

Not Before

28/09/2011, 20:05

Not After

31/12/2039, 23:59

Subject

CN=Joe's-Software-Emporium

33:4b:df:b8:6c:57:a7:cb:80:4d:7c:c2:73:27:ee:83:bf:74:4f:e1
Signer

Actual PE Digest

33:4b:df:b8:6c:57:a7:cb:80:4d:7c:c2:73:27:ee:83:bf:74:4f:e1

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glMapGrid2d
glPushClientAttrib
glIndexsv
glScissor
glMapGrid1d
glMapGrid2f
glGetError
glLoadIdentity
glTranslatef
glReadBuffer
glTexEnvf
glViewport
glTexGend
glScalef
glRotatef
glTranslated
glScaled
glRasterPos3sv
glTexEnvi
glGetTexGendv
glEvalCoord1dv
glCopyTexSubImage2D
glPolygonStipple
glColor3uiv
glTexCoord4d
glColor4ui
glColor4iv
glColor3i
glMapGrid1f
glGetDoublev
glColor4i
glRectfv
glTexGeni
glTexCoord1d
glLightModeliv

glu32

gluNewQuadric
gluDisk
gluPartialDisk
gluBeginSurface
gluTessEndPolygon
gluNurbsCurve
gluScaleImage
gluSphere
gluErrorUnicodeStringEXT
gluNewNurbsRenderer
gluBuild1DMipmaps
gluTessBeginContour
gluQuadricNormals
gluNewTess
gluNurbsCallback
gluGetString
gluDeleteTess
gluBeginCurve
gluNurbsSurface
gluTessVertex
gluUnProject
gluLoadSamplingMatrices

ole32

CreateDataAdviseHolder
CreateFileMoniker
StringFromCLSID
OleRegGetMiscStatus
CoGetTreatAsClass
CoCreateInstance
CoLoadLibrary
ProgIDFromCLSID
CoRegisterMallocSpy
CreatePointerMoniker
CoRegisterClassObject
CoRevokeClassObject
OleDoAutoConvert
CoGetMalloc
GetRunningObjectTable
GetClassFile
CoGetStandardMarshal
CreateClassMoniker
CoMarshalHresult
CreateBindCtx
CoUnmarshalHresult
CoGetClassObject
CoUninitialize
CoFileTimeNow

comctl32

ord15
ord4
CreateStatusWindowW
ord17
ord5
PropertySheetA
ord6
UninitializeFlatSB
ord14
ord3
ord16
CreateToolbarEx
InitCommonControlsEx
PropertySheetW
ord2
DestroyPropertySheetPage
ord13
CreatePropertySheetPageA

shlwapi

StrRStrIW
StrCSpnW
StrToIntA
StrRChrIW
StrStrA

msvcrt

_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__getmainargs
_except_handler3
_controlfp
_acmdln
exit
_XcptFilter
_exit
__set_app_type

kernel32

GetProcAddress
VirtualAlloc
ExitProcess
GetStartupInfoA
GetModuleHandleA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ee9b6cb8a399d3328a73ddea3d3c2a7

Code Sign

6d:bf:22:f9:41:d4:17:bb:44:54:f1:5a:f4:b9:f0:7cCertificate

33:4b:df:b8:6c:57:a7:cb:80:4d:7c:c2:73:27:ee:83:bf:74:4f:e1Signer

Headers

File Characteristics

Imports

opengl32

glu32

ole32

comctl32

shlwapi

msvcrt

kernel32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 90KB - Virtual size: 157KB

6d:bf:22:f9:41:d4:17:bb:44:54:f1:5a:f4:b9:f0:7c
Certificate

33:4b:df:b8:6c:57:a7:cb:80:4d:7c:c2:73:27:ee:83:bf:74:4f:e1
Signer

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 90KB - Virtual size: 157KB