a96df6c05dffa67e42eb85531d11891c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a96df6c05dffa67e42eb85531d11891c_JaffaCakes118
Size

59KB
MD5

a96df6c05dffa67e42eb85531d11891c
SHA1

b6f818d08c2d758dd71dcfea2e63b2f21539efa3
SHA256

97df33044fcad12a8b71c0906abb760319674b72c2d64a3ace9b4728f678b2aa
SHA512

aa219fa8cb528c56c1d0196b0926c8d45efde06cce303bf9d00a5593ee876e7c525f49ff9d8ec81aca3b95c572d6205983a8677c8b959729a251c28a29d538c4
SSDEEP

768:kFpXs/R1Xiv43V/yLhg+zdyS7FZUkLho2YEamxcdVkXRs9gmkhdv0Lv8x3nyb1Ff:km/RMK+5L5ZvXtoVD9gmXm3yvxWPuJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a96df6c05dffa67e42eb85531d11891c_JaffaCakes118

Files

a96df6c05dffa67e42eb85531d11891c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6793173fc747f53f62d60ff97a4535c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__getreent
__main
_ctype_
_exit
_fchown32
_fcntl64
_fstat64
_impure_ptr
_lseek64
_lstat64
_open64
atoi
calloc
close
closedir
cygwin_internal
dll_crt0__FP11per_process
dup
exit
fchmod
fflush
fileno
fprintf
fputc
free
fwrite
getc
getenv
isatty
localtime
malloc
memcpy
memmove
memset
opendir
perror
printf
putc
putchar
puts
raise
read
readdir
realloc
sigaction
sigaddset
sigemptyset
sigismember
signal
sigprocmask
strcat
strchr
strcmp
strcpy
strcspn
strlen
strncmp
strrchr
strspn
unlink
utime
write

kernel32

GetModuleHandleA

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 322KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE