bd34d7c3b92ed462ed581163c9a1326a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bd34d7c3b92ed462ed581163c9a1326a_JaffaCakes118
Size

413KB
MD5

bd34d7c3b92ed462ed581163c9a1326a
SHA1

92449062894e564ec7c5a1accc0e292200956cca
SHA256

7693ecc7c0094babb250eaac9bfc73699ef926aa719cfecdc5d5ce40ac54ca24
SHA512

e9d91038a321770247242c9ee856e2fcf7f7cf493b5e7c21716ec9547e27e912316f2af95153c189b42b0951b9030dbb823f4be62beafade1098b67cdb152d9f
SSDEEP

6144:rIg6iw6bTHFDTtVyy1BCZVm/I2n0ERaxXchnOJee/LlldH1tQExkF68uPrdDqS7:1BhflHyrHm/30ERaNCgJldVtMkr5H7

Score

1^/10

Malware Config

Signatures

Files

bd34d7c3b92ed462ed581163c9a1326a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4357c0387339f4cfeb85e2f4e10a2748

Code Sign

78:f9:82:48:c4:84:a3:b2:44:85:cb:42:da:c7:4f:00
Certificate

Issuer

CN=Root Agency

Not Before

27/10/2011, 17:34

Not After

31/12/2039, 23:59

Subject

CN=Joe's-Software-Emporium

e0:61:82:cd:27:d5:65:1b:b7:c4:98:ce:eb:7b:60:ed:f3:03:86:a1
Signer

Actual PE Digest

e0:61:82:cd:27:d5:65:1b:b7:c4:98:ce:eb:7b:60:ed:f3:03:86:a1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glVertex2d
glRasterPos2dv
glColor3iv
glPopName
glCopyTexSubImage1D
glColor4ui
glIndexf
glRasterPos4iv
glIsList

glu32

gluOrtho2D
gluQuadricCallback
gluGetString
gluPwlCurve
gluPerspective
gluGetTessProperty
gluTessVertex

ole32

ProgIDFromCLSID
OleRegGetMiscStatus
CoRegisterPSClsid
CoReleaseMarshalData
CoReleaseServerProcess
CreateClassMoniker
CoFileTimeNow
RegisterDragDrop
CoGetTreatAsClass

comctl32

ord5
ord16
ord3
DestroyPropertySheetPage
PropertySheetA

advapi32

RegQueryMultipleValuesA
RegOverridePredefKey
RegCreateKeyExA

shlwapi

StrRChrIW
StrCSpnW

kernel32

GetOEMCP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapAlloc
HeapReAlloc
LoadLibraryA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeW
GetACP
GetPrivateProfileStructA
HeapCreate
GetLastError
FoldStringA
LocalLock
GetStringTypeA
HeapDestroy
SetLocaleInfoA
WritePrivateProfileSectionA
GetProfileStringA
GetProfileIntA
GetProcAddress
VirtualAlloc
GetModuleHandleA
ExitProcess
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 381KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4357c0387339f4cfeb85e2f4e10a2748

Code Sign

78:f9:82:48:c4:84:a3:b2:44:85:cb:42:da:c7:4f:00Certificate

e0:61:82:cd:27:d5:65:1b:b7:c4:98:ce:eb:7b:60:ed:f3:03:86:a1Signer

Headers

File Characteristics

Imports

opengl32

glu32

ole32

comctl32

advapi32

shlwapi

kernel32

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 381KB - Virtual size: 456KB

.rsrc Size: 5KB - Virtual size: 5KB

78:f9:82:48:c4:84:a3:b2:44:85:cb:42:da:c7:4f:00
Certificate

e0:61:82:cd:27:d5:65:1b:b7:c4:98:ce:eb:7b:60:ed:f3:03:86:a1
Signer

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 381KB - Virtual size: 456KB

.rsrc
Size: 5KB - Virtual size: 5KB