b88cada169103b36d6fed971c7288d74_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b88cada169103b36d6fed971c7288d74_JaffaCakes118
Size

421KB
MD5

b88cada169103b36d6fed971c7288d74
SHA1

4777cba0de95a2558395332d654a2cf925ce99bf
SHA256

41806695dc6cdd9cbf1da901ad85c5557def430e81bb466df72acce67d222778
SHA512

98dd34e88a89d7457640c93b16f68db01360be7757ab60430002910c3efec1cba6b8b30aeb61d6cbbcb52ec18f978ce2af4b755e51db49e961a98fd052056221
SSDEEP

12288:1+Aa+HeMQno/nabBoEU3bzXy535jrX0HCFp/dmaE:1+Aa1o/abBogJEWp/JE

Score

1^/10

Malware Config

Signatures

Files

b88cada169103b36d6fed971c7288d74_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d56c4835338e083682f56423947c00c8

Code Sign

23:ed:a8:47:5b:73:bd:9a:4f:60:9b:a3:d3:0f:c4:8a
Certificate

Issuer

CN=Root Agency

Not Before

25/10/2011, 14:35

Not After

31/12/2039, 23:59

Subject

CN=Joe's-Software-Emporium

0d:66:60:2a:72:77:2e:15:a2:c0:2d:8a:4e:59:14:96:2c:6a:71:e2
Signer

Actual PE Digest

0d:66:60:2a:72:77:2e:15:a2:c0:2d:8a:4e:59:14:96:2c:6a:71:e2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glVertex2s
glColor4dv
glMapGrid2d
glClipPlane
glEvalPoint1
glColorMaterial
glEvalCoord1f
glCallLists
glGetString
glTexParameterfv
glColor3s
glTexCoord1sv
glGetBooleanv
glPixelMapuiv
glEnableClientState
glAreTexturesResident
glNormal3bv
glVertex4d
glCullFace
glBegin
glRasterPos2d
glGetMapiv
glCopyPixels
glDisable
glTexCoord2s

glu32

gluCylinder
gluTessEndPolygon
gluProject
gluPwlCurve
gluNurbsSurface
gluQuadricCallback
gluDeleteNurbsRenderer
gluNurbsProperty
gluNewNurbsRenderer
gluScaleImage
gluUnProject
gluBuild2DMipmaps
gluEndSurface
gluTessNormal
gluTessEndContour
gluNurbsCurve
gluTessProperty
gluNurbsCallback
gluNewTess
gluBuild1DMipmaps
gluGetTessProperty
gluErrorUnicodeStringEXT

urlmon

CreateFormatEnumerator

kernel32

InterlockedDecrement
InterlockedIncrement
RtlUnwind
InitializeCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
WriteFile
LocalSize
HeapFree
VirtualFree
HeapLock
GlobalHandle
PulseEvent
DeleteCriticalSection
WideCharToMultiByte
GetStringTypeA
OpenEventA
LocalUnlock
GetOEMCP
VirtualProtect
GetUserDefaultLangID
IsValidLocale
ReleaseSemaphore
LeaveCriticalSection
GetLocaleInfoA
HeapAlloc
GetUserDefaultLCID
LocalReAlloc
GlobalMemoryStatus
GetSystemDefaultLangID
ReleaseMutex
HeapUnlock
IsValidCodePage
SetEvent
OpenSemaphoreA
IsBadReadPtr
LocalFree
SetThreadLocale
GetModuleHandleA
ExitProcess
VirtualAlloc
GetProcAddress
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 386KB - Virtual size: 461KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d56c4835338e083682f56423947c00c8

Code Sign

23:ed:a8:47:5b:73:bd:9a:4f:60:9b:a3:d3:0f:c4:8aCertificate

0d:66:60:2a:72:77:2e:15:a2:c0:2d:8a:4e:59:14:96:2c:6a:71:e2Signer

Headers

File Characteristics

Imports

opengl32

glu32

urlmon

kernel32

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 386KB - Virtual size: 461KB

.rsrc Size: 5KB - Virtual size: 5KB

23:ed:a8:47:5b:73:bd:9a:4f:60:9b:a3:d3:0f:c4:8a
Certificate

0d:66:60:2a:72:77:2e:15:a2:c0:2d:8a:4e:59:14:96:2c:6a:71:e2
Signer

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 386KB - Virtual size: 461KB

.rsrc
Size: 5KB - Virtual size: 5KB