1c4d8e9ff4bc00c0ccf2ddd7f98cd523_JaffaCakes118 | Triage

Sharing

General

Target

1c4d8e9ff4bc00c0ccf2ddd7f98cd523_JaffaCakes118
Size

47KB
MD5

1c4d8e9ff4bc00c0ccf2ddd7f98cd523
SHA1

38f0a62ef2b737c6d08c452bd80bf3f6fa572a5d
SHA256

c20b15f308612bc233ec4b982b1c998afc50bed0aa177fd03d5de9bd290a68c7
SHA512

5c8d8f1cbab840aa549b39a09f9787477d123c1453de9273acd878baf3d878e421a4c05f2a1a14a8fb82aac4878845c81660bd239838573b20fc429f73951b12
SSDEEP

768:oxNvlb5BbOLZB/RB9CtXNQo3QAoFlwPdPhyqVr2lSya/awwZzpfn1WjLc2IxHUwT:UVB+o3AlwPsllWabnv0jfmH3Gy5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c4d8e9ff4bc00c0ccf2ddd7f98cd523_JaffaCakes118

Files

1c4d8e9ff4bc00c0ccf2ddd7f98cd523_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7e9d952d585497bb848d392963c6aad1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__getreent
__main
__mb_cur_max
_ctype_
_exit
_fcntl64
_fdopen64
_fopen64
_freopen64
_impure_ptr
abort
atexit
calloc
close
cygwin_internal
dll_crt0__FP11per_process
exit
fclose
fflush
fileno
fprintf
fputs
fread
free
fwrite
getenv
getline
isatty
iswprint
malloc
mbrtowc
mbsinit
memcpy
memset
printf
putc_unlocked
putchar_unlocked
realloc
setlocale
strchr
strcmp
strerror_r
strlen
strncmp
vfprintf

cygintl-8

libintl_bindtextdomain
libintl_gettext
libintl_ngettext
libintl_textdomain

kernel32

GetModuleHandleA

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 640B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE