77560d5fbfb21e943c10ca46a8050fa5_JaffaCakes118 | Triage

Sharing

General

Target

77560d5fbfb21e943c10ca46a8050fa5_JaffaCakes118
Size

17KB
MD5

77560d5fbfb21e943c10ca46a8050fa5
SHA1

242633c7307bf6d0b07d18042653073462d7b4f2
SHA256

d90ce4eb9b13c6e1f6f6c22dd1d033142c821795373c4360f22ac8ecfd402171
SHA512

254ef5e768523ed2ad4fa3fd31886742d0dc29477531b28eb06f8069fa3920110645a41d30f9618bb93e54a357d7d34ad80d62a9569993b524b424f54b3352d5
SSDEEP

384:qGQmYUGgQkRF05XrqBx7FD/7ZQvr/rNrzrzryrwrR4rcrur0GkWv:W8RF0VrY/dQvr/rNrzrzryrwrR4rcruh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77560d5fbfb21e943c10ca46a8050fa5_JaffaCakes118

Files

77560d5fbfb21e943c10ca46a8050fa5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f0cdc3401bd6fb025915c8056a6d373c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED

Imports

cygwin1

__main
calloc
close
connect
cygwin_internal
dll_crt0__FP11per_process
exit
fprintf
free
gethostbyname
htons
inet_addr
malloc
memcpy
memset
perror
printf
read
realloc
select
sleep
socket
sprintf
strcat
strcpy
strlen
strncmp
strstr
strtoul
write

kernel32

GetModuleHandleA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 12B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stab
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.stabstr
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE