JaffaCakes118_d00f95a2f98cc6e7cc8806bb6dfceeb97c3aba47fb3ce530e72e39a35e794e37

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_d00f95a2f98cc6e7cc8806bb6dfceeb97c3aba47fb3ce530e72e39a35e794e37
Size

173KB
MD5

f4b82b27ed76c327cab0e047b2f84a8d
SHA1

38b325825a652170befceacf10c800c25249fe19
SHA256

d00f95a2f98cc6e7cc8806bb6dfceeb97c3aba47fb3ce530e72e39a35e794e37
SHA512

7349f01bef395c3484c1b7b79eb5ee1f5e1df5e25dd863602a49d7bcffd8a3b2e0a1954a7e8f5c9d8deeed0dc45fbc3c8df0237836c6c58db3fdceba3843ef9c
SSDEEP

3072:DjQwqre6rfHYjYlpTrE6/BNR9miV6tFQS5ektRI5qPs73Gc0n0g:D5qKIaG86/BfHV6rIkTI5qPEg0g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/lkx111.exe

Files

JaffaCakes118_d00f95a2f98cc6e7cc8806bb6dfceeb97c3aba47fb3ce530e72e39a35e794e37
.zip

Password: infected
lkx111.exe
.exe windows:5 windows x86 arch:x86

bf2d799cb59ce43b83a63fa8fe6d611f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
CreateActCtxA
HeapUnlock
GetModuleHandleA
InterlockedExchangeAdd
WaitNamedPipeW
GetLastError
GetPrivateProfileSectionW
CancelDeviceWakeupRequest
EnterCriticalSection
LocalHandle
WriteFile
SetFileShortNameW
ReadProcessMemory
OpenEventW
SetEvent
SetConsoleTextAttribute
SetConsoleTitleW
AllocConsole
LoadLibraryA
LocalAlloc
VirtualAlloc
GetFileAttributesW
GetAtomNameW
HeapAlloc
lstrcpyW
GetSystemDefaultLCID
GetConsoleAliasW
GetModuleHandleW
CreateMailslotW
GetCPInfoExA
SetEnvironmentVariableA
CommConfigDialogW
GetConsoleAliasesLengthW
DeleteTimerQueue
GetFileAttributesExW
SetCalendarInfoW
HeapLock
ReleaseMutex
WaitForSingleObject
lstrlenW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
Sleep
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
RtlUnwind
RaiseException
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
HeapReAlloc
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
CloseHandle
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
HeapSize
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 180KB - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xukiku
Size: 512B - Virtual size: 23B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bahozo
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.suhoz
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zut
Size: 512B - Virtual size: 346B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

bf2d799cb59ce43b83a63fa8fe6d611f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 106KB - Virtual size: 106KB

.data Size: 180KB - Virtual size: 744KB

.xukiku Size: 512B - Virtual size: 23B

.bahozo Size: 512B - Virtual size: 6B

.suhoz Size: 1024B - Virtual size: 963B

.zut Size: 512B - Virtual size: 346B

.rsrc Size: 59KB - Virtual size: 58KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 106KB - Virtual size: 106KB

.data
Size: 180KB - Virtual size: 744KB

.xukiku
Size: 512B - Virtual size: 23B

.bahozo
Size: 512B - Virtual size: 6B

.suhoz
Size: 1024B - Virtual size: 963B

.zut
Size: 512B - Virtual size: 346B

.rsrc
Size: 59KB - Virtual size: 58KB

.reloc
Size: 9KB - Virtual size: 9KB