Static task
static1
Behavioral task
behavioral1
Sample
193178085803c1c483f3c3bcd55b9df1_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
193178085803c1c483f3c3bcd55b9df1_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
193178085803c1c483f3c3bcd55b9df1_JaffaCakes118
-
Size
431KB
-
MD5
193178085803c1c483f3c3bcd55b9df1
-
SHA1
4f58f1f03ce5d29bcae1f0711a311339a4dfcbbf
-
SHA256
e46a11633a6b69a1043968f14041cd569368f223b17632498519ac4444c19846
-
SHA512
eb38bf323f5230ef5a295be213551866f1c34422da45e54e1244dbbf7fab413dcebabff8bae16662f001c0418d8b4c351376fd191a0695a202c274881ab6c516
-
SSDEEP
6144:RjhZOKrGkMTmFNS1szl6X2Ov5Cyw6VYjhgO1l3TAgXb8X+U5b00J4PScjfWy4M9j:RjhZvMTm7CsEX2Ov5xg1lAgLgxJCfK1w
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Flags PE files that lack an Authenticode signature; the sample's publisher and integrity cannot be verified from a signature.
resource 193178085803c1c483f3c3bcd55b9df1_JaffaCakes118
Files
-
193178085803c1c483f3c3bcd55b9df1_JaffaCakes118.exe windows:4 windows x86 arch:x86
46bd6aa37cbaae67bfc84d5b0a4e0459
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
cyggeoip-1
GeoIP_country_code_by_addr
GeoIP_delete
GeoIP_new
GeoIP_open
cygcrypt-0
crypt
cygwin1
__assert
__errno
__getreent
__main
_ctype_
_fcntl64
_fopen64
_fstat64
_geteuid32
_getpwuid32
_impure_ptr
_lseek64
_lstat64
_mmap64
_open64
_stat64
abort
accept
alarm
atof
atoi
bind
calloc
close
closedir
connect
cygwin_internal
dll_crt0__FP11per_process
dup
exit
fclose
fflush
fgets
fileno
fnmatch
fork
fprintf
free
fwrite
gethostbyname
getopt
getpeername
getpid
getrlimit
getrusage
getsockname
getsockopt
gettimeofday
gmtime
h_errno
hstrerror
inet_aton
inet_ntoa
inet_ntop
inet_pton
ioctl
isatty
kill
link
listen
localtime
malloc
memcpy
memset
mktime
munmap
opendir
optind
printf
putchar
puts
raise
rand
read
readdir
realloc
rename
select
setrlimit
setsid
setsockopt
shutdown
sigaction
sigaddset
sigemptyset
sigfillset
signal
sigprocmask
sleep
snprintf
socket
socketpair
sprintf
srand
sscanf
statvfs
strcasecmp
strchr
strcmp
strcpy
strerror
strftime
strlen
strncasecmp
strncat
strncmp
strncpy
strptime
strrchr
strsignal
strstr
strtok
strtol
tcgetattr
tcsetattr
time
uname
unlink
usleep
vprintf
vsnprintf
waitpid
write
cyggnutls-openssl-11
SSL_CTX_new
SSL_connect
SSL_free
SSL_library_init
SSL_load_error_strings
SSL_new
SSL_read
SSL_set_fd
SSL_write
SSLv23_client_method
kernel32
GetModuleHandleA
Sections
.text Size: 282KB - Virtual size: 281KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 22KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE