f5b36dc43e84a43621681d6176ae87c0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f5b36dc43e84a43621681d6176ae87c0_JaffaCakes118
Size

420KB
MD5

f5b36dc43e84a43621681d6176ae87c0
SHA1

7d5f06281bb6bf77894df6e6307606c9537010e4
SHA256

99f438579686c85f2f7611a9165086f3a78b1a3ccea6e2c012a2dce2c530c6a1
SHA512

c8f617f52a0e50c039e37b1fcc57294a3b276972e4e6dccaf052bca7bff2e4cf132da7b28252eb741e2371c038827790c135e6c1154bfaa50151307411254efc
SSDEEP

12288:DX0Ffsi0l0vPKLQvaRc+UyeXSy+QBPtiTEMP:DXGE7l0vSLQv8c+UyYFBA9P

Score

1^/10

Malware Config

Signatures

Files

f5b36dc43e84a43621681d6176ae87c0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

43118b3ae0bc97e19b3dc8ac66970888

Code Sign

0f:f6:ae:ac:42:42:29:a0:4c:8f:d2:48:f5:54:9e:82
Certificate

Issuer

CN=Root Agency

Not Before

25-10-2011 15:50

Not After

31-12-2039 23:59

Subject

CN=Joe's-Software-Emporium

26:c9:21:93:92:4d:1d:82:07:ad:3b:6f:86:87:d4:18:1c:11:5c:7b
Signer

Actual PE Digest

26:c9:21:93:92:4d:1d:82:07:ad:3b:6f:86:87:d4:18:1c:11:5c:7b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glVertex4iv
glPopClientAttrib
glIndexdv
glGetDoublev
glTexGend
glColorMaterial
glFogiv
glColor4iv
glCopyTexSubImage1D
glDrawPixels
glRasterPos3f
glVertex3s
glFlush
glTexCoord4sv
glNormal3dv
glMaterialiv
glGetMaterialiv
glVertex2i
glArrayElement
glLighti
glTexCoord2f
glEdgeFlag
glGetMapiv
glVertex3i
glGetPixelMapfv
glTexCoord3fv
glRectdv
glNewList
glCallLists
glColor4sv

glu32

gluTessBeginPolygon
gluNewNurbsRenderer
gluTessProperty
gluBuild1DMipmaps
gluTessCallback
gluNewTess
gluGetTessProperty
gluDisk
gluPwlCurve
gluPerspective
gluNewQuadric
gluLoadSamplingMatrices
gluDeleteQuadric
gluScaleImage
gluPickMatrix
gluQuadricTexture
gluEndCurve
gluNurbsSurface
gluErrorString
gluBeginSurface

urlmon

CreateFormatEnumerator

kernel32

LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
WriteFile
HeapCreate
GetLastError
TlsGetValue
SetLastError
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
LoadLibraryA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
RtlUnwind
MultiByteToWideChar
TlsAlloc
LocalFlags
VirtualAllocEx
GlobalHandle
IsValidCodePage
VirtualQueryEx
InitializeCriticalSection
WaitForSingleObject
GetProcessHeap
VirtualLock
ResetEvent
GetCPInfo
VirtualProtectEx
EnterCriticalSection
PulseEvent
GetThreadLocale
VirtualFree
CompareStringA
IsValidLocale
CreateMutexA
HeapValidate
HeapFree
HeapDestroy
IsBadWritePtr
HeapWalk
IsBadStringPtrA
SetLocaleInfoA
GlobalFlags
GetModuleHandleA
ExitProcess
GetProcAddress
VirtualAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 385KB - Virtual size: 461KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43118b3ae0bc97e19b3dc8ac66970888

Code Sign

0f:f6:ae:ac:42:42:29:a0:4c:8f:d2:48:f5:54:9e:82Certificate

26:c9:21:93:92:4d:1d:82:07:ad:3b:6f:86:87:d4:18:1c:11:5c:7bSigner

Headers

File Characteristics

Imports

opengl32

glu32

urlmon

kernel32

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 385KB - Virtual size: 461KB

.rsrc Size: 5KB - Virtual size: 5KB

0f:f6:ae:ac:42:42:29:a0:4c:8f:d2:48:f5:54:9e:82
Certificate

26:c9:21:93:92:4d:1d:82:07:ad:3b:6f:86:87:d4:18:1c:11:5c:7b
Signer

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 385KB - Virtual size: 461KB

.rsrc
Size: 5KB - Virtual size: 5KB