a3e736a3273c8a80c841ab16a7360759_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a3e736a3273c8a80c841ab16a7360759_JaffaCakes118
Size

12KB
MD5

a3e736a3273c8a80c841ab16a7360759
SHA1

75ff4c611b51f8655c39a5b15139072e3208e12e
SHA256

bf4c669111cd6dcb19a8a4892e16d4b6451f3fd01056bbfc686ee34105b35d86
SHA512

8002f4b22cd6f8ababea6e43a9faf308cdc8e839cf2213d8b035e3b3b121f5966d18882210f4b523a70469032303a0842120fa0b64a7bb361e8f9daa6963c2fc
SSDEEP

192:1jok5HIwFy/8N1OjY4VxNJ2F7FtT2TTyusfgF4FEQ:ekWd/MOjYUbM7FxSF4CQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3e736a3273c8a80c841ab16a7360759_JaffaCakes118

Files

a3e736a3273c8a80c841ab16a7360759_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5cd6a65f63332250bb811837e6c09ca7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

cygwin1

_impure_ptr
abort
calloc
cygwin_create_path
cygwin_detach_dll
cygwin_internal
dll_dllcrt0
free
malloc
memcpy
realloc
strlen
vsnprintf

cyggcc_s-1

__deregister_frame_info
__register_frame_info

kernel32

GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetStdHandle
VirtualProtect
VirtualQuery
WriteFile

cygncurses-10

SP
_nc_panelhook_sp
_nc_screen_of
is_linetouched
mvwin
wnoutrefresh
wtouchln
SP
SP
SP
SP
SP

Exports

Exports

bottom_panel
ceiling_panel
del_panel
ground_panel
hide_panel
move_panel
new_panel
panel_above
panel_below
panel_hidden
panel_userptr
panel_window
replace_panel
set_panel_userptr
show_panel
top_panel
update_panels
update_panels_sp

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 304B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 466B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5cd6a65f63332250bb811837e6c09ca7

Headers

DLL Characteristics

File Characteristics

Imports

cygwin1

cyggcc_s-1

kernel32

cygncurses-10

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 368B

/4 Size: 512B - Virtual size: 4B

.bss Size: - Virtual size: 304B

.edata Size: 512B - Virtual size: 466B

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 320B

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 368B

/4
Size: 512B - Virtual size: 4B

.bss
Size: - Virtual size: 304B

.edata
Size: 512B - Virtual size: 466B

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 320B