fc94a261e65d0e55ca254a9074940c57_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc94a261e65d0e55ca254a9074940c57_JaffaCakes118
Size

67KB
MD5

fc94a261e65d0e55ca254a9074940c57
SHA1

59e65494257ca564322c1fcb5ad8aed1fb5add3f
SHA256

e472c6873b5d50a2973a9dda82f886b5500c8f38e087bd324ca4f730e1f3a300
SHA512

ec77f5f43a0bc5b71844025e5600a60d8f5e7b39baabb55630c0211cc5749708802677e4f345de732903b45224c80f62ec0f20bdf43b08eb525e37c43453d7d6
SSDEEP

1536:2TKSZn87E5iZk5FDox2TAhawh8srdF172FxZ615M8hbxVTK:2GSZSyl5F3chrD172bZ6151bDG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc94a261e65d0e55ca254a9074940c57_JaffaCakes118

Files

fc94a261e65d0e55ca254a9074940c57_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c5e5d272e6cb181411867cda1b9920a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Thread32First
Process32Next
LocalSize
MoveFileExA
ReadConsoleOutputAttribute
ClearCommBreak
GetSystemDirectoryA
ReleaseSemaphore
HeapFree
WriteFileGather
FindNextVolumeMountPointW
GetCurrentProcessId
SetThreadAffinityMask
OpenMutexA
GetConsoleMode
GetTapePosition
Module32Next
GetLocalTime
WriteConsoleOutputCharacterA
ResetEvent
LockResource
HeapSummary
DeleteTimerQueueEx
GlobalAddAtomA
Toolhelp32ReadProcessMemory
LZSeek
GetEnvironmentVariableA
GetModuleFileNameA
GetSystemTimeAdjustment
WriteConsoleInputA
RequestWakeupLatency
EndUpdateResourceA
ReplaceFile
GetPrivateProfileIntA
GetConsoleCP
lstrcatA
GetConsoleInputExeNameA
FindCloseChangeNotification
GetSystemWindowsDirectoryA
GetProcessVersion
GetModuleHandleA
SetCalendarInfoA
GetDiskFreeSpaceA
UpdateResourceA
VirtualAlloc
MapViewOfFileEx
GetVolumePathNameA
GetCommTimeouts
GetQueuedCompletionStatus
EnumTimeFormatsA
CreateMutexA
SetCurrentDirectoryA
FreeConsole
GetConsoleWindow
IsBadReadPtr
GetStringTypeA
lstrcmpA
SetMailslotInfo
GetPrivateProfileStructA
GetNativeSystemInfo
ProcessIdToSessionId
SetConsoleTitleA
QueueUserWorkItem
GetFileAttributesExA
WriteProcessMemory
_lwrite
WriteConsoleOutputCharacterA
SetFileApisToANSI
GetComputerNameA
LocalReAlloc
SetConsolePalette
GetWindowsDirectoryA
GetConsoleKeyboardLayoutNameA
VirtualProtectEx
GetCurrentConsoleFont
SetConsoleKeyShortcuts
SetDefaultCommConfigA
PeekConsoleInputA
WriteConsoleOutputCharacterA
SetThreadIdealProcessor
DisableThreadLibraryCalls
GetCommModemStatus
_hread
FlushConsoleInputBuffer
ReadFileEx
FatalExit
UpdateResourceA
GetFullPathNameA
ClearCommError
GetVolumeNameForVolumeMountPointA
IsValidLanguageGroup
Heap32ListFirst
lstrcpyn
GetProcessId
ExitThread
GetThreadTimes
IsBadHugeWritePtr
HeapCompact
GetFileTime
WideCharToMultiByte
IsValidCodePage
GetCommandLineA
GetNamedPipeInfo
UnlockFileEx
GetTempPathA

user32

DialogBoxParamA
UnlockWindowStation
CharToOemBuffW
ReplyMessage
DlgDirSelectExA
CreateMDIWindowA
DestroyReasons
LockSetForegroundWindow
DispatchMessageA
GetScrollRange
SetSystemMenu
ReasonCodeNeedsBugID
ModifyMenuA
SetDoubleClickTime
TranslateMessage
RealGetWindowClassA
ModifyMenuA
IsRectEmpty
SendIMEMessageExA
CharLowerBuffA
DestroyWindow
PrivateExtractIconExA
GetMessageTime
GetRegisteredRawInputDevices
RegisterDeviceNotificationA
DrawTextExW
LoadLocalFonts
RegisterWindowMessageA
AlignRects
ReplyMessage
UnhookWindowsHookEx
GetClassInfoExA
SubtractRect
NotifyWinEvent
SetWindowsHookA
CharNextExA
SendMessageA
SetKeyboardState
GetClipboardViewer
GetUpdateRgn
DrawCaptionTempA
GetClassInfoExW
IntersectRect
CloseWindowStation
DrawTextA
DlgDirSelectExA
TranslateMessage
DrawFrame
DrawFrameControl
GetAncestor
GetClassNameA
EnumClipboardFormats
SendNotifyMessageA
BringWindowToTop
ScrollWindow
GetMonitorInfoA
SwitchDesktop
TranslateAcceleratorA
GetWindowModuleFileNameA
DlgDirListA
TranslateMessage
EnumDisplayDevicesA
SetMenuItemBitmaps
SetCursorPos
RedrawWindow
GetDlgItemTextA
SetDeskWallpaper
RegisterWindowMessageA
GetUserObjectInformationA
UnregisterClassA
EnumDisplayDevicesA
SetShellWindow
MessageBoxA
CharUpperA
GetWindowTextLengthA
UpdateLayeredWindow
GetMenuBarInfo
GetFocus
GrayStringA
GetDlgItemTextA
DisplayExitWindowsWarnings
MessageBoxTimeoutA
ShowStartGlass
GetMenuContextHelpId
CloseWindow
SetRectEmpty
ReleaseCapture
DialogBoxParamA
IsHungAppWindow
ClientToScreen
GetRawInputBuffer
ScrollDC
ScreenToClient
CheckRadioButton
PrintWindow
ShowCursor
RegisterWindowMessageA
SetWindowsHookExA
GetClassInfoExA
CharToOemBuffA
SetDlgItemInt
SetForegroundWindow
LockWorkStation

dhcpsapi

DhcpEnumServers

d3d8

CheckFullscreen
DebugSetMute

Exports

Exports

Gxqaxdjihm
IsCwxecoyhmf

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kcwneox
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0c5e5d272e6cb181411867cda1b9920a

Headers

File Characteristics

Imports

kernel32

user32

dhcpsapi

d3d8

Exports

Exports

Sections

.text Size: 38KB - Virtual size: 38KB

.rdata Size: 20KB - Virtual size: 127KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 2KB - Virtual size: 30KB

kcwneox Size: - Virtual size: 4KB

.text
Size: 38KB - Virtual size: 38KB

.rdata
Size: 20KB - Virtual size: 127KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 2KB - Virtual size: 30KB

kcwneox
Size: - Virtual size: 4KB