5d3b87e70dca395b9295fe9be1443a1b_JaffaCakes118

General

Target

5d3b87e70dca395b9295fe9be1443a1b_JaffaCakes118
Size

112KB
MD5

5d3b87e70dca395b9295fe9be1443a1b
SHA1

db0e7f979d7e2ecd060bc7cbd83b796ab9c8138e
SHA256

2ec102e54cc4084d992826859d53959a504b92bd074e0a39945c5c27cb487509
SHA512

b7a5dfabd674d49a1e1677d37a0bac77d2897e7fc944237ebe17f05dc61fa57a2a9f873063e9e346f1967043fcd2e3a4f6bf90158725d49bea935d4384b34cdf
SSDEEP

1536:ttx2NuLsO7gGBipOKd0VQIoT2XoVRSzu5Ie89qWLXkPHIxSj4gcvzzfrIOro/yF8:tTkuLUGQXd09XSRe/q9o6YrzUO0y/e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d3b87e70dca395b9295fe9be1443a1b_JaffaCakes118

Files

5d3b87e70dca395b9295fe9be1443a1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b32acaa0cb5d2699faad6895aa9e2914

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA
GetModuleHandleA

cygwin1

__errno
__getreent
__main
_ctype_
_fopen64
_fstat64
_getegid32
_geteuid32
_getgid32
_getuid32
_lseek64
_open64
_stat64
abort
atoi
bcopy
calloc
close
creat
cygwin_internal
dll_crt0__FP11per_process
dup
exit
fclose
fgetc
fgets
fileno
free
fsync
getc
getenv
getpid
ioctl
isatty
kill
longjmp
malloc
memcpy
memset
pclose
popen
putc
read
realloc
setjmp
setlocale
sigemptyset
signal
sigprocmask
sleep
sprintf
strcasecmp
strcat
strchr
strcmp
strcpy
strdup
strerror
strlen
strncmp
strncpy
strsep
strstr
strtoul
system
tcgetattr
tcsetattr
time
write

cygpcre-0

pcre_compile
pcre_exec
pcre_free
pcre_free

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b32acaa0cb5d2699faad6895aa9e2914

Headers

File Characteristics

Imports

kernel32

cygwin1

cygpcre-0

Sections

.text Size: 104KB - Virtual size: 103KB

.data Size: 4KB - Virtual size: 3KB

.rdata Size: 1024B - Virtual size: 1024B

.bss Size: - Virtual size: 24KB

.idata Size: 2KB - Virtual size: 2KB

.text
Size: 104KB - Virtual size: 103KB

.data
Size: 4KB - Virtual size: 3KB

.rdata
Size: 1024B - Virtual size: 1024B

.bss
Size: - Virtual size: 24KB

.idata
Size: 2KB - Virtual size: 2KB