0200f5da5ec782b0f85fcec8052e9db2_JaffaCakes118

General

Target

0200f5da5ec782b0f85fcec8052e9db2_JaffaCakes118
Size

240KB
MD5

0200f5da5ec782b0f85fcec8052e9db2
SHA1

598c4b183ae07fd77f8cbda76bd8ca59d4dd59a3
SHA256

22c847019e48d1d48d4255d0b48a960cd7c1ba7316cc0431540200d7f949ca1b
SHA512

93ad341fd857c6a3a651274114e2f84c86410922dd2712664131ade9d917839087c83aad8ec2bef6639a20d64ad52ac3a17b27e7fd119487fc87987da0be58a2
SSDEEP

6144:XwvSzqDqtgLEC64bK2p2+r2vYITg7xdAJ8OWDG1CfCZPoXU:XwqbuEJ22YITOx2SDG1Cf+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0200f5da5ec782b0f85fcec8052e9db2_JaffaCakes118

Files

0200f5da5ec782b0f85fcec8052e9db2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c36d1b5e8626c5bd1a66f66b2d85b836

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZInit
LZDone
GetExpandedNameA
LZStart
LZSeek

mgmtapi

SnmpMgrCtl
SnmpMgrStrToOid
SnmpMgrOidToStr
SnmpMgrGetTrap
SnmpMgrRequest

kernel32

GetModuleHandleA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
IsBadWritePtr
HeapReAlloc
GetFileAttributesA
GetTempPathA
CopyFileA
GetShortPathNameA
GetEnvironmentVariableA
WaitForMultipleObjects
InterlockedCompareExchange
InterlockedIncrement
SetEvent
GetCurrentProcess
LoadLibraryA
CloseHandle
ReadFile
GetFileSize
SetFilePointer
CreateFileA
DeleteCriticalSection
FindClose
FindNextFileA
FindFirstFileA
TlsAlloc
WriteConsoleW
VerLanguageNameA
lstrlenA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
VirtualAlloc

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 784KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c36d1b5e8626c5bd1a66f66b2d85b836

Headers

File Characteristics

Imports

lz32

mgmtapi

kernel32

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 96KB - Virtual size: 92KB

.data Size: 96KB - Virtual size: 784KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 96KB - Virtual size: 92KB

.data
Size: 96KB - Virtual size: 784KB