a1b764ba20086223d544424380f7b362_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1b764ba20086223d544424380f7b362_JaffaCakes118
Size

79KB
MD5

a1b764ba20086223d544424380f7b362
SHA1

d683bd480c0b5f2f405f368d051a032cfcf7893b
SHA256

31ecf2eab8de179a572889e6a5100da9e28918c4f7573cbaf8ef846540854c69
SHA512

1001eeddb97f5057f52fb1411726e4c16a02d2e35e837dc2bbb253c6b45c4cf93859270f6a54e89c64691cf829b234b539e496f0792d0962914ffa64c8db5dca
SSDEEP

1536:iuwA/EMeWS14fuw9sEJBq6zPkM5r5pMIZPDGfsUqYTUz0G2sk:iuwAtcusSzPkUrUIZMTK2n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1b764ba20086223d544424380f7b362_JaffaCakes118

Files

a1b764ba20086223d544424380f7b362_JaffaCakes118
.exe windows:4 windows x86 arch:x86

940d9deab18b13d4a41d148c264a0349

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__getreent
__main
__mb_cur_max
_ctype_
_exit
_fopen64
_impure_ptr
_stat64
_tzname
abort
atexit
calloc
clock_gettime
cygwin_internal
dll_crt0__FP11per_process
exit
fclose
fflush
fprintf
fputc
fputs
free
fwrite
getenv
getline
gettimeofday
gmtime
gmtime_r
iswprint
localtime
localtime_r
malloc
mbrlen
mbrtowc
mbsinit
memcpy
memset
printf
putc_unlocked
putenv
realloc
setenv
setlocale
settimeofday
sprintf
strchr
strcmp
strerror_r
strftime
strlen
strncmp
time
tzset
unsetenv
vfprintf

cygintl-8

libintl_bindtextdomain
libintl_gettext
libintl_textdomain

kernel32

GetModuleHandleA

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 624B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 34KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE