Static task: static1
Behavioral task: behavioral1
Sample: 8e5771cb5221c4abf23f9cb2cd50c28b_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 8e5771cb5221c4abf23f9cb2cd50c28b_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 8e5771cb5221c4abf23f9cb2cd50c28b_JaffaCakes118
Size: 28KB
MD5: 8e5771cb5221c4abf23f9cb2cd50c28b
SHA1: fd6219ce4b373ce1fa132688411f952e0f282b41
SHA256: 7725440e4cfeaa45183730611adc2e0bf31e8d4a460323d711e81d3eff3d7581
SHA512: f1156ce8077782e03439e8e2cfd2f2bfb1f8765f82c014a9a783333065dc3089351e2c72150e5883fbf3ad616b067a2b8e36cc9a33512a5ae310c96b65246d1e
SSDEEP: 384:tCIVlHTv8J/2+FhwNGbfl12Cu6WOhj2Cu6BrmHW9UlQRt0TqN+usD8qjuaKnhnN+:5lmqNG5/miDA5KpA8s6FI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8e5771cb5221c4abf23f9cb2cd50c28b_JaffaCakes118
Files
8e5771cb5221c4abf23f9cb2cd50c28b_JaffaCakes118.exe windows:4 windows x86 arch:x86
b9d373cc059ef589de194c4682537fdd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdiplusShutdown
GdipSaveImageToFile
GdipLoadImageFromFile
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdipDisposeImage
gdi32
GdiFlush
CreateCompatibleBitmap
SetTextColor
SetPixelFormat
SetBkMode
SelectObject
GetObjectA
GetDeviceCaps
ChoosePixelFormat
DeleteObject
DeleteDC
CreateFontIndirectA
CreateFontA
CreateDIBSection
CreateCompatibleDC
BitBlt
user32
DestroyWindow
DispatchMessageA
ExitWindowsEx
GetClientRect
ChangeDisplaySettingsA
DefWindowProcA
TranslateMessage
ShowWindow
SetWindowTextA
SetWindowPos
SetTimer
SendMessageA
ReleaseDC
CreateWindowExA
PostQuitMessage
MessageBoxA
LoadIconA
LoadCursorA
GetWindowDC
GetSystemMetrics
GetMessageA
GetDC
UpdateWindow
RegisterClassExA
kernel32
SetLastError
MulDiv
FlushFileBuffers
CloseHandle
CopyFileA
CreateFileA
CreatePipe
CreateProcessA
CreateThread
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FormatMessageA
GetCommandLineA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA
GetWindowsDirectoryA
GlobalAlloc
GetStdHandle
FindFirstFileA
FindClose
lstrlenA
lstrcpynA
lstrcpyA
GlobalFree
LoadLibraryA
MultiByteToWideChar
ReadFile
RtlZeroMemory
SetCurrentDirectoryA
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
GetFileSize
winmm
mixerGetControlDetailsA
mixerGetLineControlsA
mixerOpen
mixerSetControlDetails
waveOutClose
waveOutGetErrorTextA
waveOutOpen
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
mciSendCommandA
mixerClose
shell32
ShellExecuteA
ole32
CreateStreamOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
advapi32
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
msvfw32
DrawDibOpen
DrawDibDraw
avifil32
AVIFileGetStream
AVIFileInit
AVIFileOpenA
AVIFileRelease
AVIStreamStart
AVIStreamRelease
AVIStreamLength
AVIStreamGetFrameOpen
AVIStreamGetFrameClose
AVIStreamGetFrame
oleaut32
OleLoadPicture
comdlg32
GetOpenFileNameA
wininet
InternetReadFile
InternetOpenUrlA
HttpEndRequestA
HttpOpenRequestA
HttpQueryInfoA
HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetGetConnectedState
InternetOpenA
avicap32
capCreateCaptureWindowA
opengl32
wglMakeCurrent
wglCreateContext
ws2_32
WSAGetLastError
WSAStartup
accept
bind
closesocket
connect
gethostbyname
htons
inet_ntoa
listen
recv
send
socket
WSAAsyncSelect
WSACleanup
iphlpapi
GetTcpTable
Sections
.text Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
code Size: 512B - Virtual size: 336B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ