24ffc1dde38b9ee4379ae17d7f9ea865_JaffaCakes118

General

Target

24ffc1dde38b9ee4379ae17d7f9ea865_JaffaCakes118
Size

35KB
MD5

24ffc1dde38b9ee4379ae17d7f9ea865
SHA1

4634fad9b43f16223d11dcede2594f0c14e780e0
SHA256

17abb7a10e8124d391048729f3a6cc5c7e24e83a954f4e29f80a3cf3924d47bd
SHA512

b11542d35b0404ed6f304689b3941ce0562195cd92adff9fc382fb5e510ef0236f47faa814626a216dbf499c3565ace4c66fb37f9e73121c4f035a7e7310961d
SSDEEP

768:PM6rGpCyGAQx43ccJy6gGSya/awwZzpfn1WjLc2IxHUw0mQMGyD:PMKECy843ccJtgGlWabnv0jfmH3GyD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24ffc1dde38b9ee4379ae17d7f9ea865_JaffaCakes118

Files

24ffc1dde38b9ee4379ae17d7f9ea865_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10e5523842756702720e2671a4936772

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__getreent
__main
_impure_ptr
calloc
cygwin_conv_to_win32_path
cygwin_internal
dll_crt0__FP11per_process
exit
fprintf
fread
free
fwrite
getopt_long
isxdigit
malloc
optarg
optind
printf
putchar
puts
realloc
strcmp
strcpy
strlen
strrchr
strtoul
tolower

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenThreadToken
RegCloseKey
RegConnectRegistryA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegLoadKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSaveKeyA
RegSetValueExA
RegUnLoadKeyA

kernel32

CloseHandle
ExpandEnvironmentStringsA
FormatMessageA
GetCurrentThread
GetLastError
GetModuleHandleA
LocalFree

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 112B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

10e5523842756702720e2671a4936772

Headers

File Characteristics

Imports

cygwin1

advapi32

kernel32

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 512B

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: - Virtual size: 112B

.idata Size: 2KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 512B

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: - Virtual size: 112B

.idata
Size: 2KB - Virtual size: 1KB