65e08df76f5b7a14b43eaa70cb04e1d7_JaffaCakes118

General

Target

65e08df76f5b7a14b43eaa70cb04e1d7_JaffaCakes118
Size

384KB
MD5

65e08df76f5b7a14b43eaa70cb04e1d7
SHA1

63179814cc96e14c9f6e69725302f377cbd10760
SHA256

916525273bacbddd7c90904892512fb446fe6d7cdda06a272e6690f2525a1a82
SHA512

ceef5416e906972d1857f41e65c7f4ada9367acf78c13bd49e55f6a64aa232c3257a8ce0a7bc9f4fab585b6c2cfc960dfc85259a0c28f938fe076d7c83e1be92
SSDEEP

6144:Q6sR7rH28J7kres6bIHV6w6f42Y+tjtE7lhK+tIEV4CYfQdPb:UhL28+res6bI1DSY+tjtgKISQh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65e08df76f5b7a14b43eaa70cb04e1d7_JaffaCakes118

Files

65e08df76f5b7a14b43eaa70cb04e1d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ba7aed6e29564907a84926c340c3c41e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygcrypt-0

crypt

cygwin1

__assert_func
__ctype_ptr__
__errno
__getreent
__main
__res_init
_dll_crt0@0
_exit
_fcntl64
_fopen64
_fstat64
_geteuid32
_getpwuid32
_impure_ptr
_lseek64
_lstat64
_mmap64
_open64
_setgid32
_setgroups32
_setuid32
_stat64
abort
accept
alarm
atof
atoi
atol
bind
calloc
chdir
chroot
close
closedir
connect
cygwin_detach_dll
cygwin_internal
dll_dllcrt0
dup
execvp
exit
fclose
fflush
fgets
fileno
fnmatch
fork
fprintf
free
freeaddrinfo
fwrite
getaddrinfo
gethostbyname
getnameinfo
getpeername
getpid
getpwnam
getrlimit
getrusage
getsockname
getsockopt
gettimeofday
h_errno
hstrerror
inet_aton
inet_ntoa
inet_ntop
inet_pton
ioctl
isatty
kill
link
listen
localtime
malloc
memcpy
memset
mkdir
mktime
munmap
opendir
printf
putchar
puts
raise
rand
read
readdir
readdir_r
realloc
recv
rename
select
send
setlocale
setrlimit
setsid
setsockopt
shutdown
sigaction
sigaddset
sigemptyset
sigfillset
signal
sigprocmask
sleep
snprintf
socket
socketpair
sprintf
srand
sscanf
statvfs
strcasecmp
strcasestr
strchr
strcmp
strcpy
strerror
strftime
strlen
strncat
strncmp
strncpy
strptime
strrchr
strsignal
strstr
strtok
strtol
tcgetattr
tcsetattr
time
toupper
uname
unlink
usleep
vprintf
vsnprintf
waitpid
write

kernel32

GetModuleHandleA

Sections

.text
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ba7aed6e29564907a84926c340c3c41e

Headers

File Characteristics

Imports

cygcrypt-0

cygwin1

kernel32

Sections

.text Size: 243KB - Virtual size: 243KB

.data Size: 69KB - Virtual size: 69KB

.bss Size: - Virtual size: 36KB

.idata Size: 4KB - Virtual size: 3KB

.text
Size: 243KB - Virtual size: 243KB

.data
Size: 69KB - Virtual size: 69KB

.bss
Size: - Virtual size: 36KB

.idata
Size: 4KB - Virtual size: 3KB