8306980d0493acffb042d4fc84f7697a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8306980d0493acffb042d4fc84f7697a_JaffaCakes118
Size

652KB
MD5

8306980d0493acffb042d4fc84f7697a
SHA1

96b68d02454c4437029a21f0ec1fefc6bc2f8fa0
SHA256

92125aca58299e09b9e7c5254b446b1ed0b0c48399f18043be50f37b92aba680
SHA512

1de73f0f2dad581f922196ca0aafd9c68a8e477ed3a3b02297a02fcdd8553bbf60ec595eeb56dcc7b7177e1fab77c5fa4468de2798d67f8b47556c9b996171f5
SSDEEP

12288:BfcbJgfvOyzjl37zfbKFX2v5+n1UHn5oTssiLfLqnuC:Bh17/KFX2vEtTmfL+uC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8306980d0493acffb042d4fc84f7697a_JaffaCakes118

Files

8306980d0493acffb042d4fc84f7697a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c8cf5aea2ab9d7abdcda6acf2545de6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\dev\agence\release_eorezo\EoRezo.pdb

Imports

iphlpapi

GetAdaptersInfo

kernel32

TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
WritePrivateProfileStringW
GetTickCount
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapReAlloc
RtlUnwind
RaiseException
ExitThread
CreateThread
ExitProcess
HeapSize
SetStdHandle
GetFileType
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
GetCurrentThread
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
InterlockedDecrement
GetModuleHandleA
InterlockedIncrement
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetVersionExA
FreeResource
LocalAlloc
FreeLibrary
lstrlenA
GetFileTime
GetModuleFileNameW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateEventW
SuspendThread
SetEvent
GetCurrentThreadId
ResumeThread
SetThreadPriority
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
CreateProcessW
GetCommandLineW
GetProcAddress
LoadLibraryW
VerifyVersionInfoW
VerSetConditionMask
FindNextFileW
FindClose
SetLastError
GetFileAttributesW
GetCurrentProcess
FindFirstFileW
GetThreadLocale
GetVersionExW
WideCharToMultiByte
GlobalFree
CreateFileW
WriteFile
lstrlenW
GetProcessHeap
HeapFree
HeapAlloc
GetCurrentProcessId
CloseHandle
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
GetLastError
TerminateProcess
OpenProcess
CreateMutexW
DeleteFileW
GetTempPathW
MultiByteToWideChar
CopyFileW
CreateDirectoryW
DeleteCriticalSection
LockResource
EnterCriticalSection
LeaveCriticalSection
SizeofResource
Sleep
TerminateThread
InitializeCriticalSection
WaitForSingleObject
LoadResource
FindResourceW
FreeEnvironmentStringsA

user32

SetRect
IsRectEmpty
CopyAcceleratorTableW
DestroyMenu
LoadCursorW
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
SetCursor
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
CharNextW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
UnregisterClassA
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextW
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
InvalidateRect
SetForegroundWindow
UpdateWindow
GetMenu
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
EqualRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
CharUpperW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
InvalidateRgn
SetCapture
PostThreadMessageW
RegisterClipboardFormatW
PeekMessageW
GetCursorPos
MessageBeep
GetNextDlgGroupItem
UnregisterClassW
ReleaseCapture
ValidateRect
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
WaitForInputIdle
GetForegroundWindow
CopyRect
IsIconic
DrawIcon
GetClientRect
LoadIconW
GetDesktopWindow
SendMessageW
SetTimer
KillTimer
EnableWindow
PostMessageW
IsWindow
GetWindowRect
GetSystemMetrics
GetDC
SystemParametersInfoW
ReleaseDC
FindWindowW
PtInRect
RegisterWindowMessageW

gdi32

CreateRectRgnIndirect
GetMapMode
GetWindowExtEx
GetViewportExtEx
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateBitmap
GetRgnBox
GetDeviceCaps
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetTextColor
GetBkColor
GetStockObject
GetObjectW
SetBkColor
SetTextColor
GetClipBox

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
LookupPrivilegeValueW
GetUserNameW
RegQueryInfoKeyW
EqualSid
GetTokenInformation
OpenProcessToken
RegSetValueExW
IsTextUnicode
RegEnumKeyExW
RegOpenKeyExW
FreeSid
AllocateAndInitializeSid
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyExW

shell32

SHGetSpecialFolderPathW
ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

UrlUnescapeW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

CoRevokeClassObject
CoCreateInstance
CoUninitialize
CoInitialize
CoCreateGuid
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard

oleaut32

SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
SysAllocStringLen
SysFreeString
OleCreateFontIndirect
SysAllocString
VariantClear

wininet

InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
HttpAddRequestHeadersW
InternetCrackUrlW
InternetQueryDataAvailable
InternetCanonicalizeUrlW
InternetCloseHandle
HttpOpenRequestW
HttpQueryInfoW
HttpSendRequestW
InternetConnectW
InternetReadFile
InternetOpenW

Sections

.text
Size: 448KB - Virtual size: 447KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c8cf5aea2ab9d7abdcda6acf2545de6

Headers

File Characteristics

PDB Paths

Imports

iphlpapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

wininet

Sections

.text Size: 448KB - Virtual size: 447KB

.rdata Size: 152KB - Virtual size: 148KB

.data Size: 28KB - Virtual size: 40KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 448KB - Virtual size: 447KB

.rdata
Size: 152KB - Virtual size: 148KB

.data
Size: 28KB - Virtual size: 40KB

.rsrc
Size: 20KB - Virtual size: 17KB