b8392100b7e6fd23b3a9cb0c06cc3523_JaffaCakes118

General

Target

b8392100b7e6fd23b3a9cb0c06cc3523_JaffaCakes118
Size

144KB
MD5

b8392100b7e6fd23b3a9cb0c06cc3523
SHA1

f851472198b14c6fc713fdb957f0e1eaed748fbc
SHA256

8eb359846308ae1d3c31e5c71df7df776f5df6a106c23e1744f4e8f36d748e61
SHA512

05f0db79b4f7e722f31315b3f3e9e3462663e3761ea188844eee5f6ae8d95bd4ae7a4720ec785ba1627c4d41b3fd4cf2c3af378891a49f76856cbf1f7397804d
SSDEEP

3072:YAQIzwu86Bbux3kVjaove5tO9WMzWbVWy6BQv2a:YzIzG6BYkVj4bVZ6B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8392100b7e6fd23b3a9cb0c06cc3523_JaffaCakes118

Files

b8392100b7e6fd23b3a9cb0c06cc3523_JaffaCakes118
.exe windows:4 windows x86 arch:x86

abad284435f0b94adcb4078310e8de3a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

snmpapi

SnmpSvcGetUptime
SnmpSvcSetLogLevel
SnmpSvcSetLogType
SnmpUtilAsnAnyCpy
SnmpUtilAsnAnyFree
SnmpUtilDbgPrint
SnmpUtilIdsToA
SnmpUtilMemAlloc
SnmpUtilMemFree
SnmpUtilMemReAlloc
SnmpUtilOctetsCmp
SnmpUtilOctetsCpy
SnmpUtilOctetsFree
SnmpUtilOctetsNCmp
SnmpUtilOidAppend
SnmpUtilVarBindCpy
SnmpUtilVarBindFree
SnmpUtilVarBindListCpy
SnmpUtilVarBindListFree

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
WriteFile
RtlUnwind
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetLocalTime
GetCurrentProcessId
GetFileTime
GetModuleFileNameA
SetTapePosition
lstrcmpA
GetWindowsDirectoryA
HeapFree
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 609KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abad284435f0b94adcb4078310e8de3a

Headers

File Characteristics

Imports

snmpapi

kernel32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 60KB - Virtual size: 609KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 60KB - Virtual size: 609KB

.reloc
Size: 8KB - Virtual size: 5KB