3ec883f94f013f2ecb39b1360e21937e_JaffaCakes118

General

Target

3ec883f94f013f2ecb39b1360e21937e_JaffaCakes118
Size

34KB
MD5

3ec883f94f013f2ecb39b1360e21937e
SHA1

0400a62c98dec9328eb52ab693e892ab353330ae
SHA256

d07e6d6f7d83ef1218fbd758902ac615b4efd16956ca9cc823aec82b773b0e2a
SHA512

a2d425c217c65643ae34e884c47e9b9745738ab473072d6018cc1c0f5aae32d2605719f585b558434f43f8562de82946f73c5767fa1b8faddab661e197a811ec
SSDEEP

768:JjZJvofQftBDnGGbOj41SkslQ6mfzBYrTeP6oRjMs4ExghveHq0:JjnBDvoROBBSQp4TGH5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ec883f94f013f2ecb39b1360e21937e_JaffaCakes118

Files

3ec883f94f013f2ecb39b1360e21937e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

592ad9eecee89935280f090a1ab9c8e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__getreent
__main
_fopen64
_impure_ptr
calloc
cygwin_conv_to_full_posix_path
cygwin_conv_to_full_win32_path
cygwin_conv_to_posix_path
cygwin_conv_to_win32_path
cygwin_internal
cygwin_posix_to_win32_path_list
cygwin_posix_to_win32_path_list_buf_size
cygwin_win32_to_posix_path_list
cygwin_win32_to_posix_path_list_buf_size
dll_crt0__FP11per_process
exit
fgets
fprintf
free
getopt_long
isspace
malloc
optarg
optind
perror
printf
puts
realloc
setbuf
setmode
strcasecmp
strcat
strchr
strcpy
strdup
strerror
strlen
strncpy
strrchr
strtoul

kernel32

CloseHandle
FindFirstFileA
GetLastError
GetModuleHandleA
GetProcAddress
GetShortPathNameA
GetSystemDirectoryA
GetWindowsDirectoryA
LoadLibraryA
SetLastError

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 336B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

592ad9eecee89935280f090a1ab9c8e0

Headers

File Characteristics

Imports

cygwin1

kernel32

shell32

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 416B

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 336B

.idata Size: 2KB - Virtual size: 1KB

.hdata Size: 20KB - Virtual size: 20KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 416B

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 336B

.idata
Size: 2KB - Virtual size: 1KB

.hdata
Size: 20KB - Virtual size: 20KB