3e4f9be4aa3c0d6ff13c5f38c31f1002_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e4f9be4aa3c0d6ff13c5f38c31f1002_JaffaCakes118
Size

232KB
MD5

3e4f9be4aa3c0d6ff13c5f38c31f1002
SHA1

b1fb9d03de6ef0f030b13e58590e011d5f77ed77
SHA256

a1bab9025c37503fc5ce62d52fc79e4aa55a0a444c6e610e3c47069f939a5841
SHA512

f2b0c2124df951c82d0575d57bea295a7be2b13c3d32c3202a08450064a5cfeabc37cc2d03243e16000ff052b1b3e8766f938d7d8af1a00c14070703539562f9
SSDEEP

6144:3geLbO49D+Kz6qESPT+PjLmTBJsT00ZVe:j9DTzXPTCLmTrVn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e4f9be4aa3c0d6ff13c5f38c31f1002_JaffaCakes118

Files

3e4f9be4aa3c0d6ff13c5f38c31f1002_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bde6fe8763a06eb870738acfd4b7272d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\MyWork\WorkProjects\NetNucleosProjects\WhereSphere\SimpleProjects\WhereSphere_full_code\code\projets\contextuel_popper\exe\src\surf_accuracy\Release_WhereSphere\WhereSphere.pdb

Imports

shlwapi

PathFindExtensionA
PathFindFileNameA

advapi32

RegDeleteKeyA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

kernel32

GlobalFindAtomA
GlobalGetAtomNameA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
GetThreadLocale
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
lstrcmpW
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
WritePrivateProfileStringA
GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
HeapReAlloc
VirtualAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetFileType
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitProcess
HeapSize
GetACP
HeapDestroy
HeapCreate
VirtualFree
GetConsoleCP
GetConsoleMode
GetStdHandle
SetStdHandle
SetHandleCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentProcessId
GlobalAddAtomA
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
GlobalDeleteAtom
GetModuleHandleA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
RaiseException
LocalAlloc
Sleep
GetVersionExA
GetCurrentProcess
GetModuleFileNameA
CreateFileA
TerminateProcess
HeapAlloc
HeapFree
SetLastError
CloseHandle
FreeLibrary
LoadLibraryA
GetProcAddress
FormatMessageA
LocalFree
lstrlenA
CompareStringA
GetVersion
GetLastError
InterlockedExchange
lstrcmpA
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
TlsAlloc

user32

TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
DestroyMenu
UnregisterClassA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
GetWindowTextA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetClientRect
CreateWindowExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
SendMessageA
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
ClientToScreen
GetMenuItemID
LoadCursorA
GetDC
ReleaseDC
GetSysColorBrush
ShowWindow
GetMenuItemCount
GetSubMenu
GetForegroundWindow
SetForegroundWindow
GetMenu
GetWindow
IsWindowVisible
GetParent
GetClassNameA
GetWindowThreadProcessId
PostMessageA
RegisterWindowMessageA
EnableWindow
SetWindowTextA
GetClassInfoExA
SetWindowsHookExA

gdi32

RestoreDC
DeleteObject
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
Escape
SaveDC
GetDeviceCaps
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
TextOutA
RectVisible
PtVisible
SetMapMode
ExtTextOutA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

oleaut32

VariantInit
VariantClear
VariantChangeType

Sections

.text
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bde6fe8763a06eb870738acfd4b7272d

Headers

File Characteristics

PDB Paths

Imports

shlwapi

advapi32

kernel32

user32

gdi32

winspool.drv

oleaut32

Sections

.text Size: 140KB - Virtual size: 136KB

.rdata Size: 60KB - Virtual size: 58KB

.data Size: 12KB - Virtual size: 36KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 140KB - Virtual size: 136KB

.rdata
Size: 60KB - Virtual size: 58KB

.data
Size: 12KB - Virtual size: 36KB

.rsrc
Size: 16KB - Virtual size: 15KB