96ef5c79d43e7ae8addcf53581b641cb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

96ef5c79d43e7ae8addcf53581b641cb_JaffaCakes118
Size

109KB
MD5

96ef5c79d43e7ae8addcf53581b641cb
SHA1

a43370bbd31210012ef52f1154b49df63547a608
SHA256

bcb35712ff1631c5105e3b2881df4ebee8da5bb858832f7d2b6f7d8b09cf9b72
SHA512

bbe56399524924dde031fd6db9e6fc79230dcc82d7d177f9a6f1d89564f2263f952d9f49859aef5aad92d5d17ffe75db4d1d967715186451df28a113ff38f062
SSDEEP

1536:CDuOyXCzFXZsCEdNQ7T27PVF6r/w4iDHvU3hhwEuz/fagrj5o5KnXQdYS9g0rm97:BFk/6AhmDYEcrqvUXNF6n/Ld

Score

1^/10

Malware Config

Signatures

Files

96ef5c79d43e7ae8addcf53581b641cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f480a76badbe4706bd4ccd11445376ee

Code Sign

34:6f:fe:9f:35:97:28:a3:4b:a3:5a:93:7a:36:42:6e
Certificate

Issuer

CN=Root Agency

Not Before

21/09/2011, 10:46

Not After

31/12/2039, 23:59

Subject

CN=Joe's-Software-Emporium

8a:21:02:c9:eb:ab:41:54:87:8a:57:f1:df:e6:4f:08:47:36:41:71
Signer

Actual PE Digest

8a:21:02:c9:eb:ab:41:54:87:8a:57:f1:df:e6:4f:08:47:36:41:71

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glClipPlane
glColor4d
glBindTexture
glCopyTexSubImage2D
glCopyPixels
glAccum
glColor3s
glColor4b
glTexCoord3sv
glGetTexGeniv
glDepthFunc
glEvalCoord2d
glGenTextures
glRasterPos2iv
glColor4i
glPassThrough
glVertex4d
glMapGrid2d
glTexGeniv
glNewList
glRectd
glColor4fv
glPopAttrib
glRasterPos4d
glNormal3f
glStencilMask
glIsTexture
glMaterialiv
glRasterPos3iv
glEvalCoord1f
glCopyTexImage2D
glColor3d
glEvalCoord1d
glColor3b
glColorMaterial
glColor4s
glCallLists
glColor3i
glAlphaFunc
glDrawPixels
glColor4f
glCopyTexImage1D
glRasterPos4dv
glColor3f
glMap1f
glLineStipple
glTexCoord4iv
glTexSubImage2D
glScissor
glClearAccum
glFeedbackBuffer

glu32

gluCylinder
gluErrorUnicodeStringEXT
gluTessBeginPolygon
gluNurbsProperty
gluQuadricDrawStyle
gluTessProperty
gluOrtho2D
gluPartialDisk
gluTessNormal
gluTessEndPolygon
gluTessEndContour
gluNurbsCallback
gluQuadricOrientation
gluEndCurve
gluEndTrim
gluDeleteTess
gluDeleteQuadric
gluPerspective
gluGetTessProperty
gluUnProject
gluGetString
gluBeginCurve
gluQuadricCallback
gluNurbsCurve
gluTessCallback
gluTessVertex
gluScaleImage
gluLoadSamplingMatrices
gluBuild1DMipmaps

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

kernel32

GetProcAddress
ExitProcess
GetLastError
GetStartupInfoA
VirtualAlloc
GetModuleHandleA

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f480a76badbe4706bd4ccd11445376ee

Code Sign

34:6f:fe:9f:35:97:28:a3:4b:a3:5a:93:7a:36:42:6eCertificate

8a:21:02:c9:eb:ab:41:54:87:8a:57:f1:df:e6:4f:08:47:36:41:71Signer

Headers

File Characteristics

Imports

opengl32

glu32

msvcrt

kernel32

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 90KB - Virtual size: 156KB

34:6f:fe:9f:35:97:28:a3:4b:a3:5a:93:7a:36:42:6e
Certificate

8a:21:02:c9:eb:ab:41:54:87:8a:57:f1:df:e6:4f:08:47:36:41:71
Signer

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 90KB - Virtual size: 156KB