5724f63d53962f7c239f831dbc439ff2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5724f63d53962f7c239f831dbc439ff2_JaffaCakes118
Size

425KB
MD5

5724f63d53962f7c239f831dbc439ff2
SHA1

424c37342875faa78fc124d882381588e99f66ef
SHA256

90afeeb2b19a027385e77f12a2c4b64dcf8ebb30e99683d1e3109d06cd6593a6
SHA512

bf4a828ef3b7bc3ac8923290bdc114fadab4eff513679b81c63a0e135dfca95a355b5dc85100a6c88ba27b7141cfb468e9bdfd2f51d5df3b3e78b0ceaa736edd
SSDEEP

6144:6j7ynTAwVFV6sfI3eNrcpakOMqYUP+hFNfSuv+RBJuAQwrqW9S3eWDbSB3:6j2nTA+ysdqokOlifaLuAQYqTznSB3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
5724f63d53962f7c239f831dbc439ff2_JaffaCakes118

Files

5724f63d53962f7c239f831dbc439ff2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

36001e66a24a9436d48e02c4259e6c73

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_DEBUG_STRIPPED

PDB Paths

Q:\interactivity\dictate\enhanceme.pdb

Imports

kernel32

GetModuleFileNameA
LoadLibraryExA
GetFileTime
GetStringTypeW
LCMapStringW
IsProcessorFeaturePresent
MultiByteToWideChar
WriteConsoleW
CloseHandle
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
LoadLibraryW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
SetLastError
InterlockedIncrement
BeginUpdateResourceA
TlsSetValue
TlsGetValue
TlsAlloc
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
SetFilePointer
HeapFree
Sleep
DeleteCriticalSection
SetHandleCount
EncodePointer
HeapCreate
GetModuleFileNameW
WriteFile
DecodePointer
ExitProcess
GetModuleHandleW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LockResource
LoadLibraryA
GlobalFree
GetProcAddress
GetLastError
GetStdHandle
SetConsoleTitleA
GetNativeSystemInfo
MulDiv
SetConsoleScreenBufferSize
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetFileType
InitializeCriticalSectionAndSpinCount
SetStdHandle
LeaveCriticalSection
InterlockedDecrement
HeapAlloc
AllocConsole
EnterCriticalSection
lstrlenA
TlsFree
CreateFileW

user32

GetWindow
EndPaint
DestroyWindow
CloseClipboard
GetSystemMenu
IsMenu
PostQuitMessage
SendDlgItemMessageA
DeleteMenu
CopyImage
LoadBitmapA
GetParent
LoadIconA
wsprintfA
FindWindowExA
CreateMenu
GetWindowTextLengthA
SendMessageA
BeginPaint
GetDC
CreateDialogIndirectParamA
SetDlgItemInt
GetWindowTextA
MessageBoxA
CreateWindowExA
ReleaseDC
EmptyClipboard
GetDlgItem
EndDialog
DefWindowProcA
CheckDlgButton
EnumChildWindows
OpenClipboard
SystemParametersInfoA
InsertMenuA
SetWindowTextA
LoadImageA
MapWindowPoints
EnableWindow
SetClipboardData
CallWindowProcA
FindWindowA
LoadCursorA
GetDlgCtrlID
GetDlgItemTextA
RegisterClassA

gdi32

GetStockObject
DeleteDC
PatBlt
GetDeviceCaps
CreateFontIndirectA
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
TextOutA

comdlg32

PrintDlgA

oleaut32

VariantInit

psapi

GetPerformanceInfo

shlwapi

wnsprintfA

comctl32

CreatePropertySheetPageA
PropertySheetA

gdiplus

GdiplusStartup

imm32

ImmGetDefaultIMEWnd

setupapi

SetupDiGetDeviceInstallParamsA
SetupDiSetDeviceInstallParamsA
SetupDiSetDeviceRegistryPropertyA

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36001e66a24a9436d48e02c4259e6c73

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

oleaut32

psapi

shlwapi

comctl32

gdiplus

imm32

setupapi

Sections

.text Size: 60KB - Virtual size: 60KB

.rdata Size: 239KB - Virtual size: 238KB

.data Size: 7KB - Virtual size: 14KB

.rsrc Size: 110KB - Virtual size: 109KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 239KB - Virtual size: 238KB

.data
Size: 7KB - Virtual size: 14KB

.rsrc
Size: 110KB - Virtual size: 109KB

.reloc
Size: 7KB - Virtual size: 7KB