Static task
static1
Behavioral task
behavioral1
Sample
423804356c2d8c8f7f48558cb84ffa52_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
423804356c2d8c8f7f48558cb84ffa52_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
423804356c2d8c8f7f48558cb84ffa52_JaffaCakes118
Size
580KB
MD5
423804356c2d8c8f7f48558cb84ffa52
SHA1
8a523d17cb63cc3a190dc644f220d7eff7050ec6
SHA256
a5d9e3ead0a2e5281a2767404074a4d0c97658c96ccbef6990f4f9144ede2865
SHA512
5be70501c4c695831051f29050fd580dd1260f49bbfb784275cc7acbd838fbe212c3145d0a2cbe409c40c78d40ce96bad4e4ef6705885a7ced50c01196f75c03
SSDEEP
12288:x85qeTmD9atbiYTNEHWlq3hoPMcoEVKiePN968jyTmuw:eqRctbiQwWA3iPhybrje
Malware Config
Signatures
Unsigned PE 1 IoCs
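The file carries no Authenticode signature. This is a static check run by the analysis on the sample, not something the sample itself does. A missing signature is a weak indicator on its own and should be weighed together with the other findings.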
resource 423804356c2d8c8f7f48558cb84ffa52_JaffaCakes118
Files
423804356c2d8c8f7f48558cb84ffa52_JaffaCakes118.exe windows:4 windows x86 arch:x86
6e16c2335da176eecd991ca43597cd08
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
msys-1.0
__errno
__main
_ctype_
abort
access
alarm
atoi
atol
bcopy
calloc
chdir
close
closedir
connect
cygwin_conv_to_full_posix_path
cygwin_conv_to_posix_path
cygwin_conv_to_win32_path
cygwin_internal
dlclose
dlerror
dll_crt0__FP11per_process
dlopen
dlsym
dup
dup2
endgrent
endpwent
execve
exit
fclose
fcntl
fdopen
fflush
fgets
fileno
fopen
fork
fprintf
fputc
fputs
free
fstat
fwrite
getcwd
getdtablesize
getegid
geteuid
getgid
getgrent
getgroups
gethostbyname
gethostname
getpeername
getpgrp
getpid
getppid
getpwent
getpwnam
getpwuid
getrlimit
getrusage
getservbyname
gettimeofday
getuid
inet_aton
ioctl
isatty
isinf
isnan
kill
killpg
localeconv
localtime
longjmp
lseek
lstat
malloc
memcpy
memmove
memset
mkfifo
open
opendir
pathconf
pipe
printf
putc
putchar
puts
qsort
read
readdir
readlink
realloc
sbrk
select
setdtablesize
setgid
setgrent
setjmp
setlocale
setmode
setpgid
setpwent
setrlimit
setuid
setvbuf
sigaction
sigaddset
sigdelset
sigemptyset
sigprocmask
sleep
snprintf
socket
sprintf
stat
strcasecmp
strcat
strchr
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncasecmp
strncmp
strncpy
strpbrk
strrchr
strsignal
strstr
strtod
strtoul
sysconf
tcflow
tcgetattr
tcgetpgrp
tcsetattr
tcsetpgrp
time
ttyname
tzset
umask
unlink
vfprintf
vsnprintf
waitpid
write
msys-regex-1
regcomp
regexec
regfree
msys-termcap-0
tgetent
tgetflag
tgetnum
tgetstr
tgoto
tputs
kernel32
GetModuleFileNameA
GetModuleHandleA
GetStdHandle
VirtualProtect
VirtualQuery
WriteFile
user32
CloseClipboard
GetClipboardData
OpenClipboard
Sections
.text Size: 445KB - Virtual size: 445KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 98KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data_cy Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 16KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 34KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
vwuthbc Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE