b056f8189c050ea532d4c04cb7ed3e19_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b056f8189c050ea532d4c04cb7ed3e19_JaffaCakes118
Size

316KB
MD5

b056f8189c050ea532d4c04cb7ed3e19
SHA1

8e820cf37d44a02689b5bb6db7024cec812afde4
SHA256

8aaef5875106b71b6a450bcf36040383f483c3aa66ff32d494cd47c8c1973f59
SHA512

8ea02076e5cbc9ff4d6e614c57706c221195975de52535b66a127823ada2c0eb165f894b1d788e66d645026ba9033890c6bfd3924f91705b50c08684eaa549c9
SSDEEP

6144:p78BWGiIZOWqXXzTcCtF7mGBW60XLAEYzFEBFLXPJeaWVTANoQAO9W8IE7NOj:poZZFqTTcCD7pc7L/fLXPJpQTYoQe8bO

Score

1^/10

Malware Config

Signatures

Files

b056f8189c050ea532d4c04cb7ed3e19_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ed0e8b6f2875c20b5e23576ec12cb51

Code Sign

33:14:00:6c:5f:b3:ec:5d:bb:cf:40:61:65:4d:38:3e
Certificate

Issuer

CN=Root Agency

Not Before

01/11/2011, 16:38

Not After

31/12/2039, 23:59

Subject

CN=XYZ Def

6a:1b:50:5f:8b:fd:7b:75:64:52:b8:50:d7:31:fa:5b:f8:f8:fc:4b
Signer

Actual PE Digest

6a:1b:50:5f:8b:fd:7b:75:64:52:b8:50:d7:31:fa:5b:f8:f8:fc:4b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glTexGeni
glColorPointer
glGetMaterialfv
glNormal3d
glPolygonStipple
glIndexfv
glTexImage1D
glGetLightfv
glRasterPos3d
glNormal3i

glu32

gluNurbsCallback
gluTessBeginContour
gluDeleteNurbsRenderer
gluTessVertex
gluDeleteTess
gluPickMatrix
gluNewNurbsRenderer
gluEndSurface

oledlg

ord8

advapi32

RegFlushKey

msvcrt

_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
__setusermatherr

kernel32

GetStartupInfoA
GetProfileSectionA
DeleteFileA
GetCurrentProcessId
CopyFileA
GetCurrentThreadId
GetProcAddress
ExitProcess
VirtualAlloc
GetPrivateProfileSectionNamesA
WriteProfileStringA
GetModuleHandleA
IsBadCodePtr
VirtualUnlock
WideCharToMultiByte
LocalFree
ReleaseSemaphore
HeapAlloc
GetPrivateProfileSectionA

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 285KB - Virtual size: 652KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ed0e8b6f2875c20b5e23576ec12cb51

Code Sign

33:14:00:6c:5f:b3:ec:5d:bb:cf:40:61:65:4d:38:3eCertificate

6a:1b:50:5f:8b:fd:7b:75:64:52:b8:50:d7:31:fa:5b:f8:f8:fc:4bSigner

Headers

File Characteristics

Imports

opengl32

glu32

oledlg

advapi32

msvcrt

kernel32

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 285KB - Virtual size: 652KB

.rsrc Size: 16KB - Virtual size: 15KB

33:14:00:6c:5f:b3:ec:5d:bb:cf:40:61:65:4d:38:3e
Certificate

6a:1b:50:5f:8b:fd:7b:75:64:52:b8:50:d7:31:fa:5b:f8:f8:fc:4b
Signer

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 285KB - Virtual size: 652KB

.rsrc
Size: 16KB - Virtual size: 15KB