a1ecc5d22271e8e65c4197ecd283c88c_JaffaCakes118

General

Target

a1ecc5d22271e8e65c4197ecd283c88c_JaffaCakes118
Size

156KB
MD5

a1ecc5d22271e8e65c4197ecd283c88c
SHA1

65324e64f295cd8e404845ee484c5a47f8daa0d3
SHA256

67bf29a3ab3504ef3e88640308b39ee2353cbfc77975d396c9e2608f53632f0e
SHA512

cab58dea1979c5683a7fb2b651fb3e28f737da6d05a8dc71d8b82c3b0ab584e11153c2696afe3677331c02b0f1e49e3dc8cc93cedb114d04e306d905d7826b13
SSDEEP

3072:fCigplW1Wy52AlJwu1unoV44ztzKrtVGdpGVoXU7Ez8e/fukk:fD4BOYGunoSk9Ky3GVokbe/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1ecc5d22271e8e65c4197ecd283c88c_JaffaCakes118

Files

a1ecc5d22271e8e65c4197ecd283c88c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4951b2b73c547f08ef679fbbac1f99b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

sisbkup

SisFreeBackupStructure
SisRestoredLink
SisRestoredCommonStoreFile
SisFreeAllocatedMemory
SisCSFilesToBackupForLink
SisCreateBackupStructure

snmpapi

SnmpUtilOctetsNCmp
SnmpUtilOidAppend
SnmpUtilOidFree
SnmpUtilOidNCmp
SnmpUtilOctetsFree
SnmpUtilPrintAsnAny
SnmpUtilVarBindCpy
SnmpUtilVarBindFree
SnmpUtilVarBindListCpy
SnmpUtilVarBindListFree
SnmpUtilOctetsCpy
SnmpUtilAsnAnyCpy
SnmpSvcSetLogType
SnmpSvcSetLogLevel
SnmpSvcGetUptime
SnmpUtilOidToA

kernel32

GetVersion
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
WriteFile
RtlUnwind
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
SetHandleCount
QueryPerformanceCounter
CreateFileA
GetVolumeInformationA
GetSystemTime
OpenProcess
GetVersionExA
GetModuleHandleA
GetDateFormatA
FindResourceA
SetTapePosition
lstrcpyA
GetWindowsDirectoryA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 763KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4951b2b73c547f08ef679fbbac1f99b8

Headers

File Characteristics

Imports

sisbkup

snmpapi

kernel32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 52KB - Virtual size: 763KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 52KB - Virtual size: 763KB

.reloc
Size: 8KB - Virtual size: 4KB