6b70fb825e649821ba3b7d1578377d77_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6b70fb825e649821ba3b7d1578377d77_JaffaCakes118
Size

38KB
MD5

6b70fb825e649821ba3b7d1578377d77
SHA1

d15bfd24d1db9f2482a4591daaf9169891231c4d
SHA256

cebb3c84ed8853dcf5e5bcf3ceaa7c6354bbe251be216732406a9cd5d742001a
SHA512

f7db3860223ebdea273cf7a486974383bed98bffc7c0eb400126dd94ce150e197f50ba014caeea59d0c5d7c6e6b3feb730cfe4981b16acb2c9c4d804ac540f0b
SSDEEP

768:qyE7eviG9XckCXHW7bRX2wvS0aWn/3yqr4wnKiDW3V:sqviGRc/XWfx1oWnlW3V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6b70fb825e649821ba3b7d1578377d77_JaffaCakes118

Files

6b70fb825e649821ba3b7d1578377d77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d228c34d4ee34f26e1e1525043085a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msys-intl-8

libintl_bindtextdomain
libintl_gettext
libintl_setlocale
libintl_textdomain

msys-2.0

__ctype_ptr__
__cxa_atexit
__errno
__getreent
__locale_mb_cur_max
__main
_dll_crt0@0
_exit
_freopen64
_impure_ptr
_open64
abort
calloc
close
cygwin_internal
dll_dllcrt0
dup2
error
exit
fclose
fileno
fprintf
fputs_unlocked
free
freopen
fwrite
fwrite_unlocked
getenv
getline
getopt_long
iswprint
malloc
mbrtowc
mbsinit
memcmp
memcpy
memset
msys_detach_dll
nl_langinfo
open
optind
posix_memalign
printf
program_invocation_name
program_invocation_short_name
puts
realloc
sprintf
strchr
strcmp
strlen
strncmp
strndup
strrchr

msys-gcc_s-1

__deregister_frame_info
__register_frame_info

kernel32

FreeLibrary
GetACP
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 724B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0d228c34d4ee34f26e1e1525043085a3

Headers

DLL Characteristics

File Characteristics

Imports

msys-intl-8

msys-2.0

msys-gcc_s-1

kernel32

Sections

.text Size: 16KB - Virtual size: 15KB

.data Size: 512B - Virtual size: 164B

.rdata Size: 10KB - Virtual size: 10KB

/4 Size: 4KB - Virtual size: 4KB

.bss Size: - Virtual size: 724B

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.data
Size: 512B - Virtual size: 164B

.rdata
Size: 10KB - Virtual size: 10KB

/4
Size: 4KB - Virtual size: 4KB

.bss
Size: - Virtual size: 724B

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB