c:\Dev21\AntiSpywareBot\trunk_ns\release\AntiSpywareBot.pdb
Static task
- static1
Behavioral task
- behavioral1: Sample e22e4582ca0520fc2dae75e26b35ce0b_JaffaCakes118.exe, Resource win7-20240903-en
Behavioral task
- behavioral2: Sample e22e4582ca0520fc2dae75e26b35ce0b_JaffaCakes118.exe, Resource win10v2004-20240802-en
General
- Target: e22e4582ca0520fc2dae75e26b35ce0b_JaffaCakes118
- Size: 14.2MB
- MD5: e22e4582ca0520fc2dae75e26b35ce0b
- SHA1: ea4ae8aa9a3462164f353258b5dfdf56a27a793f
- SHA256: 27228c21c361bb848fb33435b9a8c8f32e48e284f5919dec1a34c999bdc54582
- SHA512: bb0a3af630dd49c27a1882d367ba2a9e7348c7d69dc2d1e830297341fff67f5f9fc7a63e6b305a997cc2e02ee379f47a5af834430628d47be7b992c1c11ca176
- SSDEEP: 49152:YJLc1kqIk5yFDgCRX6H4FPT0HB+ZGB/p43O7w9VFZnpu+2RJli7VS5C:Ya1p55YfRqH1xtUFNpuBRJli7VS5C
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: e22e4582ca0520fc2dae75e26b35ce0b_JaffaCakes118
Files
- e22e4582ca0520fc2dae75e26b35ce0b_JaffaCakes118.exe  windows:4 windows x86 arch:x86
  2fb38a74f5d19ae88e8020c08af5e111
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
c:\Dev21\AntiSpywareBot\trunk_ns\release\AntiSpywareBot.pdb
Imports
rpcrt4
RpcStringFreeA
UuidCreate
UuidToStringA
kernel32
WriteFile
ReadFile
GetOverlappedResult
lstrcmpA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
GetModuleFileNameW
SetThreadPriority
SuspendThread
GlobalAddAtomA
GetCurrentProcessId
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
GetThreadLocale
SetFilePointer
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
GetPrivateProfileIntA
GetPrivateProfileStringA
InterlockedIncrement
GlobalReAlloc
GlobalHandle
LocalReAlloc
GetCurrentDirectoryA
GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
GetTickCount
SleepEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DisconnectNamedPipe
HeapReAlloc
VirtualProtect
VirtualQuery
GetCommandLineA
GetStartupInfoA
ExitThread
CreateThread
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
SetEnvironmentVariableA
SetStdHandle
GetFileType
ExitProcess
RaiseException
HeapSize
GetACP
IsValidCodePage
HeapDestroy
HeapCreate
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
QueryDosDeviceA
GetStringTypeA
GetStringTypeW
GetDriveTypeA
GetLocaleInfoW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
TlsFree
TlsGetValue
TlsSetValue
TlsAlloc
ConnectNamedPipe
VirtualFree
VirtualAlloc
SetCurrentDirectoryA
GetFileSize
LocalAlloc
TerminateThread
CreateFileA
GetSystemTime
SystemTimeToFileTime
InterlockedDecrement
WinExec
lstrcpynA
FileTimeToLocalFileTime
GetSystemDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetTempPathA
WritePrivateProfileStringA
HeapFree
GetProcessHeap
HeapAlloc
FreeLibrary
LoadLibraryA
CreateToolhelp32Snapshot
SetLastError
GetVersionExA
GetSystemInfo
FormatMessageA
FileTimeToSystemTime
GetFileTime
TerminateProcess
ExpandEnvironmentStringsA
MoveFileA
DeleteFileA
LocalFree
CopyFileA
SetFileAttributesA
GetFileAttributesA
CreateNamedPipeA
GetCurrentProcess
Process32Next
OpenProcess
Process32First
SetConsoleScreenBufferSize
LeaveCriticalSection
GetStdHandle
EnterCriticalSection
GetConsoleScreenBufferInfo
AllocConsole
DeleteCriticalSection
FreeConsole
CreateDirectoryA
GetLocalTime
Sleep
InitializeCriticalSection
GetModuleFileNameA
lstrcpyA
ResumeThread
GlobalFree
MulDiv
GlobalUnlock
ResetEvent
GlobalLock
SetEvent
WaitForSingleObject
CloseHandle
GetWindowsDirectoryA
CreateEventA
GlobalAlloc
GetProcAddress
FreeResource
GetModuleHandleA
GetEnvironmentVariableA
lstrlenA
CompareStringW
CompareStringA
GetVersion
GetLastError
MultiByteToWideChar
InterlockedExchange
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
CreateFileW
CreateProcessA
SearchPathA
GetLogicalDriveStringsA
lstrcatA
GetLogicalDrives
CreateIoCompletionPort
MoveFileExA
RtlUnwind
Module32Next
Module32First
GetBinaryTypeA
gdi32
GetRgnBox
GetTextColor
GetBkColor
DPtoLP
GetMapMode
GetTextExtentPoint32A
CreateRectRgnIndirect
CreatePen
ExtSelectClipRgn
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
MoveToEx
LineTo
GetClipBox
SetMapMode
RestoreDC
SaveDC
GetDIBits
CreateFontA
SetTextColor
SetBkColor
SetBkMode
CreateFontIndirectA
ExtTextOutA
GetTextMetricsA
SelectClipRgn
DeleteDC
SelectObject
GetDeviceCaps
Rectangle
GetStockObject
CreatePatternBrush
CreateCompatibleBitmap
BitBlt
StretchBlt
CombineRgn
CreateCompatibleDC
CreateBitmap
ExtCreateRegion
CreateRectRgn
CreateSolidBrush
GetPixel
DeleteObject
GetObjectA
GetCurrentObject
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comctl32
ord17
_TrackMouseEvent
oledlg
ord8
wininet
HttpQueryInfoA
InternetCloseHandle
InternetGetLastResponseInfoA
InternetOpenA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetConnectA
InternetOpenUrlA
HttpOpenRequestA
HttpSendRequestA
InternetQueryDataAvailable
InternetSetOptionExA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
msimg32
GradientFill
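The import table above is the quickest static view of what this binary can do before it is run: process and module enumeration (CreateToolhelp32Snapshot, Process32First/Next, Module32First/Next, OpenProcess), process launch (CreateProcessA, WinExec), a named-pipe server (CreateNamedPipeA, ConnectNamedPipe), WinINet HTTP, an anti-debugging check (IsDebuggerPresent), dynamic API resolution (LoadLibraryA/GetProcAddress) and resource loading (FindResourceA/LoadResource/LockResource), the last of which pairs with the 12.7MB .rsrc section listed below and is a reason to carve the resources out. The following script is an added example, not part of the sandbox report: it parses a flat listing in the same layout as this page (a lower-case module name followed by its functions) and maps the functions onto coarse capabilities. The capability table, the module-line rule and the embedded sample listing (a constructed subset of the imports above) are this example's own assumptions.

```python
"""Added example (not from the sandbox report): map a flat import listing,
as copied from the report above, onto coarse capabilities so an analyst can
see at a glance what the binary can do before running it. The capability
table and the listing layout rule are this example's own assumptions."""
import re

# One capability -> the APIs that imply it. Deliberately coarse; extend as needed.
CAPABILITY_RULES = {
    "process/module enumeration": {"CreateToolhelp32Snapshot", "Process32First", "Process32Next",
                                   "Module32First", "Module32Next", "OpenProcess"},
    "process execution": {"CreateProcessA", "WinExec"},
    "process termination": {"TerminateProcess"},
    "anti-debugging": {"IsDebuggerPresent"},
    "named-pipe IPC": {"CreateNamedPipeA", "ConnectNamedPipe", "DisconnectNamedPipe"},
    "HTTP via WinINet": {"InternetOpenA", "InternetConnectA", "HttpOpenRequestA",
                         "HttpSendRequestA", "InternetReadFile", "InternetOpenUrlA"},
    "file system modification": {"CopyFileA", "MoveFileA", "MoveFileExA", "DeleteFileA",
                                 "SetFileAttributesA", "WritePrivateProfileStringA"},
    "dynamic API resolution": {"LoadLibraryA", "GetProcAddress"},
    "memory protection changes": {"VirtualProtect", "VirtualAlloc"},
    "embedded resource access": {"FindResourceA", "LoadResource", "LockResource", "SizeofResource"},
}

# Layout rule (assumption about this page's flat list): a module line is all
# lower-case, optionally with a .drv/.dll suffix; everything else up to the
# next module line is an imported function, including ordinals such as "ord17".
# An all-lower-case function name (e.g. a CRT import) would be misread as a
# module under this rule.
MODULE_RE = re.compile(r"^[a-z0-9]+(\.(drv|dll))?$")


def parse_import_listing(text):
    """Return {module: [function, ...]} from the flat listing."""
    modules, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if MODULE_RE.match(line) and not line.startswith("ord"):
            current = line
            modules.setdefault(current, [])
        elif current is not None:
            modules[current].append(line)
    return modules


def triage_imports(text):
    """Return {capability: sorted matching APIs} for every capability that is hit."""
    imported = {f for funcs in parse_import_listing(text).values() for f in funcs}
    hits = {}
    for capability, apis in CAPABILITY_RULES.items():
        found = sorted(apis & imported)
        if found:
            hits[capability] = found
    return hits


# Constructed subset of the report's import table, in the same layout as the page.
SAMPLE_IMPORTS = """
rpcrt4
UuidCreate
kernel32
IsDebuggerPresent
VirtualProtect
WinExec
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
CreateNamedPipeA
ConnectNamedPipe
LoadLibraryA
GetProcAddress
FindResourceA
LoadResource
LockResource
SizeofResource
CreateProcessA
TerminateProcess
CopyFileA
DeleteFileA
comctl32
ord17
_TrackMouseEvent
wininet
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
"""

if __name__ == "__main__":
    for capability, apis in triage_imports(SAMPLE_IMPORTS).items():
        print(f"{capability:30s} {', '.join(apis)}")
```

The import table is only informative because this sample is not packed (a packed binary typically imports little beyond LoadLibraryA and GetProcAddress and resolves everything else at run time); treat a near-empty kernel32 import list as a signal to unpack first rather than as an absence of capability.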
Sections
- .text   Size: 1.1MB   Virtual size: 1.1MB   Flags: IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
- .rdata  Size: 336KB   Virtual size: 332KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
- .data   Size: 64KB    Virtual size: 79KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
- .rsrc   Size: 12.7MB  Virtual size: 12.7MB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
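Three of the static findings on this page (the IMAGE_FILE_* characteristics under Headers, the per-section IMAGE_SCN_* flags above, and the "Unsigned PE" signature, which fires when no Authenticode blob is present) all come from the same few PE header structures. The script below is an added example, not code from the sandbox or its report: it walks the DOS header, COFF header, optional header data directories and section table with nothing but `struct`, decodes the flag bitmasks, and implements the Authenticode presence check as the Security data directory (index 4) pointing at a WIN_CERTIFICATE of type PKCS_SIGNED_DATA. The sample image it runs on is constructed inline with the same header flags and section flags as the report (.text and .rsrc only) and is not the analysed file; its "signature" is a placeholder blob, not a real PKCS#7 structure.

```python
"""Added example (not from the sandbox report): a minimal PE32 header parser
that reproduces three static checks from the report above: IMAGE_FILE_*
characteristics, per-section IMAGE_SCN_* flags, and the 'Unsigned PE' check
(is there an Authenticode blob in the Security data directory?). Standard
library only; the sample image is constructed inline and is NOT the analysed file."""
import struct

FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4       # index into the optional header data directories
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002  # WIN_CERTIFICATE.wCertificateType used by Authenticode


def decode_flags(value, table):
    """Expand a bitmask into names, lowest bit first (bits not in the table are ignored)."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Walk DOS header -> NT headers -> section table and return the fields we need."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    (_machine, nsections, _ts, _psym, _nsym,
     opt_size, file_flags) = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    (magic,) = struct.unpack_from("<H", data, opt)
    # Data directories start at +96 for PE32 (0x10B) and +112 for PE32+ (0x20B).
    dd = opt + {0x10B: 96, 0x20B: 112}[magic]
    # For the Security directory, VirtualAddress is a raw FILE offset, not an RVA.
    sec_off, sec_size = struct.unpack_from("<II", data, dd + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsections):
        (name, vsize, _va, rawsize, _rawptr, _r, _l, _nr, _nl,
         sflags) = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode(), "raw_size": rawsize,
                         "virtual_size": vsize, "flags": decode_flags(sflags, SECTION_CHARACTERISTICS)})
    return {"file_characteristics": decode_flags(file_flags, FILE_CHARACTERISTICS),
            "security_dir": (sec_off, sec_size), "sections": sections}


def has_authenticode(data):
    """The 'Unsigned PE' check: True only if a WIN_CERTIFICATE of type
    PKCS_SIGNED_DATA is present and fits inside the file. Presence is not
    validity: hash and chain verification is a separate step."""
    off, size = parse_pe(data)["security_dir"]
    if size < 8 or off == 0 or off + size > len(data):
        return False
    length, _revision, cert_type = struct.unpack_from("<IHH", data, off)
    return cert_type == WIN_CERT_TYPE_PKCS_SIGNED_DATA and 8 <= length <= size


def build_sample_pe(signed):
    """Constructed PE32 image mirroring the report's header and section flags;
    the 'signature' is a placeholder blob, not a real PKCS#7 structure."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, 0x0001 | 0x0002 | 0x0100)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                    # PE32 magic
    text = struct.pack("<8sIIIIIIHHI", b".text", 0x200, 0x1000, 0x200, 0x200, 0, 0, 0, 0, 0x60000020)
    rsrc = struct.pack("<8sIIIIIIHHI", b".rsrc", 0x200, 0x2000, 0x200, 0x400, 0, 0, 0, 0, 0x40000040)
    image = bytearray(dos + b"PE\0\0" + coff + opt + text + rsrc)
    image += b"\0" * (0x600 - len(image))                    # empty raw section data up to 0x600
    if signed:
        body = b"\x30\x82" + b"\0" * 14                      # placeholder DER bytes
        cert = struct.pack("<IHH", 8 + len(body), 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + body
        dd_security = 0x40 + 4 + 20 + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
        struct.pack_into("<II", image, dd_security, 0x600, len(cert))
        image += cert
    return bytes(image)


if __name__ == "__main__":
    for label, img in (("unsigned", build_sample_pe(False)), ("signed", build_sample_pe(True))):
        info = parse_pe(img)
        print(label, info["file_characteristics"], "authenticode present:", has_authenticode(img))
        for s in info["sections"]:
            print("  ", s["name"], s["flags"])
```

The sandbox signature only asserts absence: a file with a Security directory entry still needs its signature verified (the PKCS#7 hash against the file with the checksum and certificate table excluded, and the chain to a trusted root) before "signed" means anything, and a malformed or self-signed blob would pass this presence check just as the constructed one does. The .data section above also shows virtual size (79KB) exceeding raw size (64KB), which is the normal zero-filled tail the loader provides and not by itself suspicious.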