6a014a6595b75717e3c5434a9b41fc1b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6a014a6595b75717e3c5434a9b41fc1b_JaffaCakes118
Size

2.9MB
MD5

6a014a6595b75717e3c5434a9b41fc1b
SHA1

03fb1d2c932171c9167f14fb6dd0a8cc1be2af67
SHA256

d369754d2946cc3509730d66e67e11cc098d9c12193cb42b23657f6261b85ddb
SHA512

c32277d03e00039e8039b17139672fce323ccc1ddc3902f34d3d217ddb3446203a29aa042bd408aa2e5333582eb590cbe278cab16e6e67c3c70141770f5a9993
SSDEEP

49152:eGONP2AAj4+vcLMiKuXTZasX1/d5b8sSm35tfX4uoFceh0UMxM4tBhuQcb7Ogi:gB03UMixD0oFd5b85iPo1cehdMxM4Nux

Score

1^/10

Malware Config

Signatures

Files

6a014a6595b75717e3c5434a9b41fc1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

86565ddb9f22e1bb5772db7f1637a6a1

Code Sign

48:18:ee:6d:d2:6c:a2:60:b5:ce:b1:2e:bf:84:1b:7b
Certificate

Issuer

CN=Root Agency

Not Before

25/10/2011, 09:01

Not After

31/12/2039, 23:59

Subject

CN=Joe's-Software-Emporium

7a:cf:85:74:2f:f9:3d:a7:43:db:9d:3f:c9:8f:36:33:87:f4:e4:be
Signer

Actual PE Digest

7a:cf:85:74:2f:f9:3d:a7:43:db:9d:3f:c9:8f:36:33:87:f4:e4:be

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glColorMaterial
glRotated
glNormal3s
glIndexdv
glTexCoord1d
glColor3d
glMapGrid1d
glMap2f
glPixelTransferf
glGetTexImage
glGetFloatv
glPrioritizeTextures
glTexCoord1iv
glDisable
glLoadMatrixf
glGetTexGeniv
glSelectBuffer
glPushAttrib
glVertex4sv
glTexCoord4iv
glIndexMask
glTexCoord2i
glFogiv
glLightModelf
glColor4i

glu32

gluNewQuadric
gluPartialDisk
gluBeginTrim
gluEndSurface
gluProject
gluNewTess
gluQuadricTexture
gluNurbsProperty
gluTessEndPolygon
gluTessNormal
gluGetNurbsProperty
gluQuadricOrientation
gluBuild1DMipmaps
gluErrorString
gluGetString
gluNewNurbsRenderer
gluEndTrim
gluDeleteNurbsRenderer
gluPerspective
gluTessBeginContour
gluCylinder
gluDeleteTess

user32

SetWindowTextA
CreateDialogIndirectParamA
FindWindowExA
GetParent
IsWindowVisible
SetParent
GetDlgItemInt
ChildWindowFromPoint
SetForegroundWindow
GetDialogBaseUnits
GetNextDlgTabItem
IsIconic
ShowOwnedPopups
MessageBoxExA
GetWindowTextLengthA
SetWindowPlacement
GetDesktopWindow
LoadStringA

ole32

CoLockObjectExternal
CoRevokeMallocSpy
CoMarshalInterface
CoUninitialize
OleSetAutoConvert
CoIsHandlerConnected
BindMoniker
StringFromCLSID
CoGetMarshalSizeMax
CoSuspendClassObjects
CreateItemMoniker
CoTaskMemRealloc
GetClassFile
CreatePointerMoniker
CoCreateGuid
CoTaskMemFree
CoFreeUnusedLibraries
CoReleaseServerProcess

oleaut32

OleIconToCursor

comctl32

ord3
CreateToolbarEx
DrawStatusTextW
InitCommonControlsEx
ord8
ord2
ord4
ord16
PropertySheetW
ord14
InitializeFlatSB
UninitializeFlatSB
CreateStatusWindowW
CreatePropertySheetPageW
ord6
ord15

urlmon

CreateAsyncBindCtx
CreateFormatEnumerator

shlwapi

StrCSpnA
StrChrA
StrRStrIW
StrCmpNA
StrChrW
StrRChrIW
StrRChrW
StrChrIW
StrToIntA

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode

kernel32

LocalUnlock
VirtualAllocEx
VirtualAlloc
LocalHandle
MultiByteToWideChar
IsBadWritePtr
GetCPInfoExA
GetSystemDefaultLangID
VirtualQueryEx
GetStartupInfoA
GetProcAddress
ExitProcess
GetModuleHandleA
LocalAlloc
GetStringTypeW
GlobalLock
OpenEventA
GlobalReAlloc

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 374KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86565ddb9f22e1bb5772db7f1637a6a1

Code Sign

48:18:ee:6d:d2:6c:a2:60:b5:ce:b1:2e:bf:84:1b:7bCertificate

7a:cf:85:74:2f:f9:3d:a7:43:db:9d:3f:c9:8f:36:33:87:f4:e4:beSigner

Headers

File Characteristics

Imports

opengl32

glu32

user32

ole32

oleaut32

comctl32

urlmon

shlwapi

msvcrt

kernel32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 374KB - Virtual size: 444KB

.rsrc Size: 5KB - Virtual size: 5KB

48:18:ee:6d:d2:6c:a2:60:b5:ce:b1:2e:bf:84:1b:7b
Certificate

7a:cf:85:74:2f:f9:3d:a7:43:db:9d:3f:c9:8f:36:33:87:f4:e4:be
Signer

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 374KB - Virtual size: 444KB

.rsrc
Size: 5KB - Virtual size: 5KB