40c3a49908b1a65fd2218771f455a3b5_JaffaCakes118

General

Target

40c3a49908b1a65fd2218771f455a3b5_JaffaCakes118
Size

232KB
MD5

40c3a49908b1a65fd2218771f455a3b5
SHA1

1ea50aeb4006b5592bf51c7d7fd6b4d45816b297
SHA256

a97256b34516e7fcd7c4e1c61c5ef44fd411b2cc3399908e7bbfabdd50fa5703
SHA512

7991a6cff93adba7ae73d57f46fd96411cf2275386f58b168a23cc730db6ae193e03fa6adac6f8da4f53e8d08d987358b0e6f00be909122808d52ffc4276136f
SSDEEP

6144:S+e+fayJ8wd593j0JMfUYI8cxrrfo+icNSB:7Cy2wd593kWdv2rf0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40c3a49908b1a65fd2218771f455a3b5_JaffaCakes118

Files

40c3a49908b1a65fd2218771f455a3b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb3ee5956003897df031a922a020619f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZStart
LZInit
LZDone
LZCopy
GetExpandedNameA
LZSeek

mgmtapi

SnmpMgrCtl
SnmpMgrStrToOid
SnmpMgrGetTrap
SnmpMgrRequest

kernel32

VirtualFree
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
IsBadWritePtr
WriteFile
RtlUnwind
HeapDestroy
GetFileType
GetSystemTimeAsFileTime
GetProcessHeap
SetSystemPowerState
GetCPInfo
QueryPerformanceCounter
GetWindowsDirectoryA
GetSystemTime
OpenProcess
GetVersionExA
GetModuleHandleA
GetDateFormatA
SizeofResource
LoadResource
HeapWalk
HeapReAlloc
GetLocalTime
CreateFileA
HeapFree
HeapAlloc
HeapCreate
CreateDirectoryA
CopyFileA
ResetEvent
VirtualAlloc
WriteConsoleW
GetComputerNameA
lstrlenA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 560KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cb3ee5956003897df031a922a020619f

Headers

File Characteristics

Imports

lz32

mgmtapi

kernel32

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 96KB - Virtual size: 96KB

.data Size: 92KB - Virtual size: 560KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 96KB - Virtual size: 96KB

.data
Size: 92KB - Virtual size: 560KB