1a1c7a3a7726b35a117760a66322f693_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1a1c7a3a7726b35a117760a66322f693_JaffaCakes118
Size

660KB
MD5

1a1c7a3a7726b35a117760a66322f693
SHA1

c6292dd58b861aac3e9513f5d4aac0d1a9da3228
SHA256

1c7d0e7d39e02e3c032f87e045832e2c7be63fe1649fed0894af6a9507331b67
SHA512

f7ce1fa4d0d07bc3e91c89a0afd87c23ec720e3794c16b946bc62bd117cc4a3077f814081903b7ce4ad36fe53adbbf933a0031bf736f66d497306ca6e03de611
SSDEEP

12288:fQnFCmYPrIaGEuOstGV6QMvaZ+eQTztZnwT0hFxvU:Yn2GE/tx2ti4/xs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a1c7a3a7726b35a117760a66322f693_JaffaCakes118

Files

1a1c7a3a7726b35a117760a66322f693_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8f8d0c22add95740512fa3ce0178af0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\MyWork\WorkProjects\NetNucleosProjects\WhereSphere_Rebranding\gabpath\GabPath_recover_only\code\projets\contextuel_popper\exe\src\SAccRecover\Release_GP\GPRecover.pdb

Imports

rpcrt4

UuidCreate

kernel32

SetThreadPriority
ResumeThread
SetEvent
SuspendThread
GetVersionExA
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
FreeResource
InterlockedExchange
CompareStringA
GetLocaleInfoW
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetCommandLineA
HeapAlloc
GetProcessHeap
GetStartupInfoA
HeapReAlloc
HeapSize
ExitThread
CreateThread
ExitProcess
Sleep
HeapDestroy
GlobalFlags
VirtualFree
FatalAppExitA
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
GetConsoleCP
GetConsoleMode
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
SetConsoleCtrlHandler
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
lstrcmpW
GetModuleHandleA
GetFileTime
GetFileAttributesW
SetFileAttributesW
SetFileTime
LocalFileTimeToFileTime
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetModuleHandleW
GetVersion
InterlockedDecrement
SystemTimeToFileTime
lstrcmpA
WaitForMultipleObjects
CreateEventW
ReleaseSemaphore
CreateSemaphoreW
GetAtomNameW
GlobalGetAtomNameW
CreateFileW
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
GetThreadLocale
GetStringTypeExW
DeleteFileW
MoveFileW
SetLastError
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
LocalFree
GetSystemTime
GetCurrentDirectoryW
SetCurrentDirectoryW
OutputDebugStringW
GetLocalTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThreadId
FormatMessageW
FindFirstFileW
FindNextFileW
FindClose
LoadLibraryW
FreeLibrary
GetProcAddress
CompareStringW
GetVersionExW
lstrlenW
WideCharToMultiByte
lstrlenA
lstrcpynW
GetTempFileNameW
GetTempPathW
GetModuleFileNameW
GetLastError
InterlockedCompareExchange
GetCurrentProcessId
CreateMutexW
WaitForSingleObject
InterlockedIncrement
ReleaseMutex
CloseHandle
MultiByteToWideChar
LoadResource
LockResource
SizeofResource
FindResourceW
HeapCreate

user32

PostQuitMessage
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
InflateRect
LoadIconW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
GetMenu
PostMessageW
CreateWindowExW
SetCursor
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
DestroyIcon
SetWindowPlacement
DefWindowProcW
CallWindowProcW
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
UnregisterClassW
SetWindowPos
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowLongW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemInt
GetDlgItem
CheckRadioButton
CheckDlgButton
GetScrollPos
GetDialogBaseUnits
CreateDialogIndirectParamW
GetNextDlgTabItem
GetClassInfoExW
EndDialog
SetScrollPos
SetFocus
GetFocus
GetDesktopWindow
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
SetWindowTextW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DeleteMenu
CopyRect
ShowOwnedPopups
DrawTextW
TabbedTextOutW
FillRect
GetWindowThreadProcessId
SendMessageW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
UnhookWindowsHookEx
LoadCursorW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowTextLengthW
GetWindowTextW
MsgWaitForMultipleObjects
CharUpperW
GetSystemMetrics
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
IsWindow
IsWindowVisible
GetActiveWindow
MessageBoxW
EnableWindow
EnumThreadWindows
RegisterWindowMessageW
GetDlgItemTextW
UnregisterClassA

gdi32

PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBitmap
CreateCompatibleDC
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ArcTo
CreateSolidBrush
CreateHatchBrush
GetDCOrgEx
CreateFontIndirectW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
RectVisible
PatBlt
DPtoLP
GetTextExtentPoint32W
GetTextMetricsW
PtVisible
StartDocW
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
CopyMetaFileW
ExtCreatePen
GetDeviceCaps
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectW
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCW
TextOutW

comdlg32

GetFileTitleW
GetOpenFileNameW
GetSaveFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyW
RegSetValueW
RegCreateKeyExW
RegEnumValueW
RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegCloseKey
RegCreateKeyW

shell32

SHGetFileInfoW
ExtractIconW

ole32

CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
ReleaseStgMedium
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
StringFromCLSID
CoTreatAsClass
OleDuplicateData
CoCreateInstance
CLSIDFromString
CoDisconnectObject
WriteClassStg

oleaut32

SafeArrayGetElement
VariantInit
VarBstrFromDate
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
VarDateFromStr
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayCopy
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantClear
SafeArrayRedim
VariantChangeType
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor

shlwapi

PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathRemoveExtensionW
PathIsUNCW

Sections

.text
Size: 532KB - Virtual size: 529KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8f8d0c22add95740512fa3ce0178af0

Headers

File Characteristics

PDB Paths

Imports

rpcrt4

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 532KB - Virtual size: 529KB

.rdata Size: 108KB - Virtual size: 104KB

.data Size: 12KB - Virtual size: 31KB

.rsrc Size: 4KB - Virtual size: 620B

.text
Size: 532KB - Virtual size: 529KB

.rdata
Size: 108KB - Virtual size: 104KB

.data
Size: 12KB - Virtual size: 31KB

.rsrc
Size: 4KB - Virtual size: 620B