Static task
static1
Behavioral task
behavioral1
Sample
24ce1e10ba5ae432e4a831bb727c583e_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
24ce1e10ba5ae432e4a831bb727c583e_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
24ce1e10ba5ae432e4a831bb727c583e_JaffaCakes118
-
Size
340KB
-
MD5
24ce1e10ba5ae432e4a831bb727c583e
-
SHA1
f43f6ba852ca55935280fb0f4561b694e30d4d2c
-
SHA256
6f1325b04b5f097fe7141d1c447ff253a7428c23079ba75b95babd958fbfc625
-
SHA512
20fc359acba4a034d8face50aaf124363dda45fb0aceeb8796036896e9c9a9e25291f35f71469c96cf03ad76fb08894dc032bf3e4cead27b8d2ff8c5ecb2cc8d
-
SSDEEP
6144:Fd+UzFgP2ZNI8I5WX5qcwL9/jlg0A7xFiCleyQavlhcVTB7:j/zFg+DI88WUh/jl2FiRyXhcVT
Malware Config
Signatures
-
Unsigned PE 1 IoCs
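Checks for a missing Authenticode signature; this sample has none. On its own this is a weak indicator, since many legitimate binaries ship unsigned, including open-source tools built against Cygwin (this file imports from cygwin1), so weigh it together with the behavioral task results.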
resource 24ce1e10ba5ae432e4a831bb727c583e_JaffaCakes118
Files
-
24ce1e10ba5ae432e4a831bb727c583e_JaffaCakes118.exe windows:4 windows x86 arch:x86
14b8480c926d91c0f94ded623eb4e31e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
cygwin1
__assert
__errno
__getreent
__main
_acl32
_aclsort32
_ctype_
_exit
_fcntl64
_fopen64
_fstat64
_ftruncate64
_getegid32
_geteuid32
_getgrgid32
_getgrnam32
_getgroups32
_getpwuid32
_impure_ptr
_lchown32
_lseek64
_lstat64
_mknod32
_open64
_setgid32
_setgroups32
_setuid32
_stat64
accept
access
alarm
asctime
asprintf
atof
atoi
bind
calloc
chdir
chmod
chroot
close
closedir
closelog
connect
cygwin_attach_handle_to_fd
cygwin_conv_to_full_win32_path
cygwin_internal
dll_crt0__FP11per_process
dup2
execvp
exit
fchmod
fclose
fflush
fgets
fork
fprintf
fputc
fread
free
fwrite
getc
getcwd
getenv
gethostbyaddr
gethostbyname
gethostname
getpass
getpeername
getpgrp
getpid
getpwnam
getservbyport
getsockname
getsockopt
gettimeofday
h_errno
inet_aton
inet_ntoa
inet_pton
kill
link
listen
localtime
lutimes
mallinfo
malloc
mbsrtowcs
memcpy
memmove
memset
mkdir
mkstemp
opendir
openlog
pipe
printf
putenv
qsort
read
readdir
readlink
realloc
rename
rmdir
select
setlocale
setmode
setsid
setsockopt
shutdown
sigaction
sigaddset
sigemptyset
sigprocmask
sleep
snprintf
socket
socketpair
sprintf
sscanf
strcasecmp
strcat
strchr
strcmp
strcpy
strdup
strerror
strftime
strlcat
strlcpy
strlen
strncasecmp
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtod
strtok
strtol
symlink
sysconf
syslog
system
tcgetpgrp
time
umask
unlink
utimes
vsnprintf
waitpid
write
h_errno
kernel32
CreateFileA
FreeLibrary
GetModuleHandleA
GetProcAddress
LoadLibraryA
ole32
CoInitialize
CoUninitialize
Sections
.text Size: 269KB - Virtual size: 268KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 55KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 10KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE