865f9c7faca042a6594b03ca4493b333_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

865f9c7faca042a6594b03ca4493b333_JaffaCakes118
Size

318KB
MD5

865f9c7faca042a6594b03ca4493b333
SHA1

0d1ffdb62aa2532a776d6b8cf0759e159af5a4ec
SHA256

3ee61fd344593342471b64d8ad8d1630d6eed63cf6756461533ab1d0c7d08e7c
SHA512

9f1c1f8a62205e0633c19b88ffdccfa256c5fe397a728bccda281c15f92f2a821e5c42ce7dd5548c9a75b2f8d96de5e49cd943da9d246e54997833f2228286e0
SSDEEP

6144:H+zZtQYkoPEqmOragoaPPPSfIMeCXf84rmUFyDlNn8YvhIxdkm:HS/kofoaPP5MeCXfBrmUald4dkm

Score

1^/10

Malware Config

Signatures

Files

865f9c7faca042a6594b03ca4493b333_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e21a1a426ed63279489d51c55404f80b

Code Sign

34:9c:29:44:39:24:27:4a:bd:de:29:20:dd:ca:d4:8d
Certificate

Issuer

CN=Root Agency

Not Before

29/10/2011, 12:50

Not After

31/12/2039, 23:59

Subject

CN=Joe's-Software-Emporium

71:70:ae:a7:8d:3e:1b:bb:1a:7b:37:35:b3:fe:ef:96:a9:30:7d:d4
Signer

Actual PE Digest

71:70:ae:a7:8d:3e:1b:bb:1a:7b:37:35:b3:fe:ef:96:a9:30:7d:d4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glGetPixelMapusv
glPixelStorei
glEvalCoord2dv
glVertex2iv
glListBase

glu32

gluPartialDisk
gluTessNormal
gluBuild1DMipmaps
gluNurbsSurface
gluTessProperty
gluBeginTrim
gluTessCallback
gluEndTrim
gluDeleteQuadric

ole32

OleRun

urlmon

CreateFormatEnumerator

msvcrt

__p__fmode
__set_app_type
_except_handler3
_controlfp
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
exit

kernel32

ExitProcess
VirtualAlloc
GetProcAddress
GetStartupInfoA
GetModuleHandleA
GetLastError
CreateFileA
CloseHandle
LocalFree
IsBadStringPtrA
PulseEvent
GlobalAlloc
IsBadCodePtr
CompareStringA
OpenSemaphoreA
LocalUnlock
CreateSemaphoreA
SetEvent

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 285KB - Virtual size: 652KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e21a1a426ed63279489d51c55404f80b

Code Sign

34:9c:29:44:39:24:27:4a:bd:de:29:20:dd:ca:d4:8dCertificate

71:70:ae:a7:8d:3e:1b:bb:1a:7b:37:35:b3:fe:ef:96:a9:30:7d:d4Signer

Headers

File Characteristics

Imports

opengl32

glu32

ole32

urlmon

msvcrt

kernel32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 285KB - Virtual size: 652KB

.rsrc Size: 16KB - Virtual size: 15KB

34:9c:29:44:39:24:27:4a:bd:de:29:20:dd:ca:d4:8d
Certificate

71:70:ae:a7:8d:3e:1b:bb:1a:7b:37:35:b3:fe:ef:96:a9:30:7d:d4
Signer

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 285KB - Virtual size: 652KB

.rsrc
Size: 16KB - Virtual size: 15KB