65791d4a75d5b814b49940cd380b0ae3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

65791d4a75d5b814b49940cd380b0ae3_JaffaCakes118
Size

412KB
MD5

65791d4a75d5b814b49940cd380b0ae3
SHA1

67aa3ce0a4f3b1a6f7cff35ff3e56d6b548a48b4
SHA256

baae24cc37a3b18117d5262bffbf55f231b80529197acb96df1b3c887adf1186
SHA512

117c6e27941276042036db64a8eeae84137f912026a0d5067e0e365d96e7786ddec4dd739246c6cfb2fcf322fe1a409a70b2c769ce9a2738aba44a5db5bd56df
SSDEEP

12288:5onghRHAejjATUdm8WWw7c011D21iP7MOD1Xn:5Sgznj0TUdm9X11KYPYaXn

Score

1^/10

Malware Config

Signatures

Files

65791d4a75d5b814b49940cd380b0ae3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e10a0a09e9433785d87158bc3a8b658f

Code Sign

48:a8:08:3c:50:9d:0c:bb:43:f1:ee:6a:be:ee:36:69
Certificate

Issuer

CN=Root Agency

Not Before

27/10/2011, 17:34

Not After

31/12/2039, 23:59

Subject

CN=Joe's-Software-Emporium

c7:0b:c2:28:68:9c:bc:71:86:ec:44:35:9a:bd:b1:eb:c1:4e:9a:23
Signer

Actual PE Digest

c7:0b:c2:28:68:9c:bc:71:86:ec:44:35:9a:bd:b1:eb:c1:4e:9a:23

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glEnable
glRasterPos3sv
glGetFloatv
glGenLists
glIndexd
glListBase
glMateriali
glColor4ub

glu32

gluScaleImage
gluPartialDisk
gluEndTrim
gluTessProperty
gluErrorUnicodeStringEXT
gluBeginTrim
gluQuadricNormals

ole32

OleRegGetMiscStatus
CoMarshalInterface
CreateAntiMoniker
CoMarshalHresult
GetRunningObjectTable
CoRevokeClassObject
ProgIDFromCLSID
CoRegisterMallocSpy
CoRegisterSurrogate
RegisterDragDrop
GetClassFile

comctl32

ord13
ord3
CreatePropertySheetPageA
DestroyPropertySheetPage

advapi32

RegDeleteKeyA
RegQueryValueExA
RegEnumKeyA
RegCreateKeyExA

shlwapi

StrChrIW
StrChrA
StrCSpnA

kernel32

GetACP
GetOEMCP
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapAlloc
HeapReAlloc
MultiByteToWideChar
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeW
GetCPInfo
WritePrivateProfileStringA
GetLastError
TlsGetValue
SetLastError
HeapDestroy
GlobalMemoryStatus
HeapValidate
VirtualFreeEx
GetStringTypeA
WritePrivateProfileSectionA
GetModuleHandleA
ExitProcess
VirtualAlloc
GetProcAddress
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 381KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e10a0a09e9433785d87158bc3a8b658f

Code Sign

48:a8:08:3c:50:9d:0c:bb:43:f1:ee:6a:be:ee:36:69Certificate

c7:0b:c2:28:68:9c:bc:71:86:ec:44:35:9a:bd:b1:eb:c1:4e:9a:23Signer

Headers

File Characteristics

Imports

opengl32

glu32

ole32

comctl32

advapi32

shlwapi

kernel32

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 381KB - Virtual size: 452KB

.rsrc Size: 5KB - Virtual size: 5KB

48:a8:08:3c:50:9d:0c:bb:43:f1:ee:6a:be:ee:36:69
Certificate

c7:0b:c2:28:68:9c:bc:71:86:ec:44:35:9a:bd:b1:eb:c1:4e:9a:23
Signer

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 381KB - Virtual size: 452KB

.rsrc
Size: 5KB - Virtual size: 5KB