ddd338f280368ac2ea728ae67ae21797_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ddd338f280368ac2ea728ae67ae21797_JaffaCakes118
Size

335KB
MD5

ddd338f280368ac2ea728ae67ae21797
SHA1

5f340855bca55a2a3b1f5d4a32586c8cd4082fe3
SHA256

70ffbc1f38fc75f5ac5aa2992e1d0997fec91d590d249225baa14d5b12f9e4ce
SHA512

a0b5ce9516bf9d13df5623060378f1624a27063c4e1e16cb6a22bc510cd7c685337a41820e81e2d3a8f66c5ebdd40c645755a1f2b810e019bfcbbfd9c65c8a63
SSDEEP

6144:P/FTbKj+wZeZFSe3XVJVPKJaBS59Sr5eQTJlQ3LYKh2Qe/+RCJpVuy:XsqGe3X7E80zSr5XJlQ0Kioo6y

Score

1^/10

Malware Config

Signatures

Files

ddd338f280368ac2ea728ae67ae21797_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2c8d8ee8a4f84a616c5ac4ab35750f4

Code Sign

61:d2:e9:ff:82:99:5f:90:43:41:16:2d:7f:d6:35:ad
Certificate

Issuer

CN=Root Agency

Not Before

25/10/2011, 19:42

Not After

31/12/2039, 23:59

Subject

CN=Joe's-Software-Emporium

db:ee:9e:77:8b:09:4c:e4:3b:00:a2:f4:4a:01:a9:e3:2d:3a:d4:b6
Signer

Actual PE Digest

db:ee:9e:77:8b:09:4c:e4:3b:00:a2:f4:4a:01:a9:e3:2d:3a:d4:b6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glPixelMapfv
glRasterPos2iv
glLoadIdentity
glGetError
glTexGend
glIndexiv
glEvalMesh1
glFogi
glRectf
glVertex4f
glVertex2iv
glGetClipPlane
glTexCoord4iv
glReadPixels
glColor3us
glTexCoordPointer
glCullFace
glEvalPoint2
glPopMatrix
glVertex3sv
glLightModeliv
glColor4uiv
glGetPixelMapusv
glDrawElements
glGenLists
glTexGenfv
glPixelMapuiv
glEvalCoord1f
glIndexf
glTexGendv

glu32

gluTessBeginPolygon
gluQuadricCallback
gluNurbsCallback
gluBeginCurve
gluBuild2DMipmaps
gluEndSurface
gluTessCallback
gluUnProject
gluQuadricDrawStyle
gluPartialDisk
gluTessBeginContour
gluQuadricTexture
gluTessEndPolygon
gluNewNurbsRenderer
gluEndCurve
gluTessVertex
gluTessNormal
gluDeleteTess
gluErrorString
gluNewTess
gluLoadSamplingMatrices
gluDeleteQuadric
gluScaleImage
gluProject
gluPwlCurve
gluNurbsCurve
gluErrorUnicodeStringEXT

urlmon

CreateFormatEnumerator

kernel32

WriteFile
InterlockedDecrement
HeapFree
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
RtlUnwind
VirtualFreeEx
VirtualFree
HeapCreate
HeapLock
SetThreadLocale
OpenMutexA
GetLocaleInfoA
LocalHandle
LocalLock
GlobalFree
SetLocaleInfoA
GetCPInfo
IsBadStringPtrA
WaitForMultipleObjects
InitializeCriticalSection
HeapValidate
GetSystemDefaultLangID
IsValidLocale
VirtualUnlock
HeapCompact
GetSystemDefaultLCID
GetModuleHandleA
ExitProcess
GetProcAddress
VirtualAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 289KB - Virtual size: 657KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2c8d8ee8a4f84a616c5ac4ab35750f4

Code Sign

61:d2:e9:ff:82:99:5f:90:43:41:16:2d:7f:d6:35:adCertificate

db:ee:9e:77:8b:09:4c:e4:3b:00:a2:f4:4a:01:a9:e3:2d:3a:d4:b6Signer

Headers

File Characteristics

Imports

opengl32

glu32

urlmon

kernel32

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 289KB - Virtual size: 657KB

.rsrc Size: 16KB - Virtual size: 15KB

61:d2:e9:ff:82:99:5f:90:43:41:16:2d:7f:d6:35:ad
Certificate

db:ee:9e:77:8b:09:4c:e4:3b:00:a2:f4:4a:01:a9:e3:2d:3a:d4:b6
Signer

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 289KB - Virtual size: 657KB

.rsrc
Size: 16KB - Virtual size: 15KB