1754fad09937241ff976c7f1cfef9936_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1754fad09937241ff976c7f1cfef9936_JaffaCakes118
Size

172KB
MD5

1754fad09937241ff976c7f1cfef9936
SHA1

ca0a2c0b83fe513a2d57582c0ef09d1da25e9dfe
SHA256

337480a5c00efab5a8d456c28625b55dc782332b36ac662034997414c858080b
SHA512

7d92cd0bcabefb8b0b5803c7c953d3b04a2b6e2ccbfcf68bfdee4f4e41a5fbcd71ae3ec52ba3672ca4cf073e88d3f49b947b218c0c0502365aa20277e03f2c2d
SSDEEP

3072:wUKQ9HqAo50tkwCtMMWdgd7TfvnEjudSv4gtHVGaIHqTWFD:T99HqAJCFWyRcoYV1hTa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1754fad09937241ff976c7f1cfef9936_JaffaCakes118

Files

1754fad09937241ff976c7f1cfef9936_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e930bca4085f1950fc1c38ee8d88125b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mgmtapi

SnmpMgrOpen
SnmpMgrClose
SnmpMgrCtl
SnmpMgrRequest

mprapi

MprAdminUserSetInfo
MprAdminUserGetInfo
MprAdminTransportSetInfo
MprAdminTransportGetInfo
MprAdminTransportCreate
MprAdminServerGetInfo
MprAdminServerGetCredentials
MprAdminServerDisconnect
MprAdminServerConnect
MprAdminPortReset
MprAdminPortGetInfo
MprAdminPortEnum
MprAdminPortDisconnect
MprAdminPortClearStats
MprAdminMIBServerDisconnect
MprAdminMIBEntrySet
MprConfigGetGuidName
MprAdminMIBEntryGetFirst
MprAdminMIBEntryGet
MprAdminMIBEntryDelete
MprAdminMIBBufferFree
MprAdminIsServiceRunning
MprAdminInterfaceTransportRemove
MprAdminInterfaceTransportGetInfo
MprAdminInterfaceGetInfo
MprAdminInterfaceGetHandle
MprAdminInterfaceGetCredentialsEx
MprAdminInterfaceGetCredentials
MprAdminInterfaceEnum
MprAdminInterfaceDisconnect
MprAdminInterfaceDelete
MprAdminInterfaceCreate
MprAdminInterfaceConnect
MprAdminGetPDCServer
MprAdminDeregisterConnectionNotification
MprAdminConnectionGetInfo
MprConfigInterfaceCreate
MprConfigInterfaceDelete
MprConfigInterfaceEnum
MprConfigInterfaceGetHandle
MprConfigInterfaceGetInfo
MprConfigInterfaceSetInfo
MprConfigInterfaceTransportAdd
MprConfigInterfaceTransportEnum
MprConfigInterfaceTransportGetHandle
MprConfigInterfaceTransportGetInfo
MprConfigServerGetInfo
MprConfigServerInstall
MprConfigServerRefresh
MprConfigServerRestore
MprConfigTransportGetInfo
MprConfigTransportSetInfo
MprInfoBlockAdd
MprInfoBlockFind
MprInfoDelete
MprInfoDuplicate
MprInfoRemoveAll
MprAdminMIBEntryGetNext

msvcrt

_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_strlwr
malloc

kernel32

GetStartupInfoA
GetModuleHandleA
lstrcmpA
GetComputerNameA
PeekNamedPipe
DuplicateHandle
GetCurrentThread
DeleteFileA
OpenMutexA
CreateMutexA
GetCurrentProcessId
GetFileTime
FindCloseChangeNotification
FindNextChangeNotification
FindFirstChangeNotificationA
GetSystemTimeAsFileTime
GetLocalTime
CreateFileA
CreateDirectoryA
CopyFileA
ResetEvent
VirtualFree
VirtualProtect
VirtualAlloc
SetTapePosition
GetEnvironmentVariableA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 563KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e930bca4085f1950fc1c38ee8d88125b

Headers

File Characteristics

Imports

mgmtapi

mprapi

msvcrt

kernel32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 96KB - Virtual size: 92KB

.data Size: 48KB - Virtual size: 563KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 96KB - Virtual size: 92KB

.data
Size: 48KB - Virtual size: 563KB