aa958ed8391b5d7900cd6d0da2021df2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aa958ed8391b5d7900cd6d0da2021df2_JaffaCakes118
Size

1.4MB
MD5

aa958ed8391b5d7900cd6d0da2021df2
SHA1

c874fce3b1c00505a65a2b43086e2351ea526e7e
SHA256

703ee4f2dd5179644f190599ceb433ef592ae9b561b6cb1b91d1a3b762a14245
SHA512

8987ebfce6a5be0a325721e52f985c631c2485ad2ee11d8a2027776a1f5a104df9958ab4f8fb6fb959e9494a372f82f8471e6091b1bdfccbefc723a70f03e1ab
SSDEEP

24576:VPLjWuaGEuYtML21uh+uStMtWjGEfWpoziliTONo9WxpuP+LQe6R:tLjWk0MLkqtefvXExcP+LB6R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa958ed8391b5d7900cd6d0da2021df2_JaffaCakes118

Files

aa958ed8391b5d7900cd6d0da2021df2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e733ea239f0faa0879742f296bce3e02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cygwin1

__assert
__errno
__getreent
__main
_ctype_
_fcntl64
_fopen64
_fstat64
_geteuid32
_getpwuid32
_getuid32
_impure_ptr
_lseek64
_lstat64
_mmap64
_open64
_stat64
abort
accept
alarm
atof
atoi
atol
bind
calloc
close
closedir
connect
cygwin_internal
dlclose
dlerror
dll_crt0__FP11per_process
dlopen
dlsym
dup
execvp
exit
fclose
fflush
fgets
fileno
fnmatch
fork
fprintf
fputc
fputs
fread
free
fseek
ftell
fwrite
getenv
gethostbyname
getpeername
getpid
getrlimit
getrusage
getsockname
getsockopt
gettimeofday
gmtime
h_errno
hstrerror
inet_aton
inet_ntoa
inet_ntop
inet_pton
ioctl
isatty
kill
link
listen
localtime
malloc
memchr
memcpy
memmove
memset
mkdir
mktime
munmap
opendir
printf
putchar
puts
qsort
raise
rand
read
readdir
realloc
rename
select
setlocale
setrlimit
setsid
setsockopt
shutdown
sigaction
sigaddset
sigemptyset
sigfillset
signal
sigprocmask
sleep
snprintf
socket
socketpair
sprintf
srand
sscanf
statvfs
strcasecmp
strcat
strchr
strcmp
strcpy
strerror
strftime
strlen
strncasecmp
strncat
strncmp
strncpy
strptime
strrchr
strsignal
strstr
strtok
strtol
strtoul
tcgetattr
tcsetattr
time
uname
unlink
usleep
vfprintf
vprintf
vsnprintf
waitpid
write

kernel32

GetModuleHandleA

Sections

.text
Size: 884KB - Virtual size: 883KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 205KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stab
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_MEM_DISCARDABLE

.stabstr
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_MEM_DISCARDABLE

Sharing

General

Malware Config

Signatures

Files

e733ea239f0faa0879742f296bce3e02

Headers

File Characteristics

Imports

cygwin1

kernel32

Sections

.text Size: 884KB - Virtual size: 883KB

.data Size: 62KB - Virtual size: 61KB

.rdata Size: 205KB - Virtual size: 204KB

.bss Size: - Virtual size: 44KB

.idata Size: 4KB - Virtual size: 3KB

.stab Size: 5KB - Virtual size: 5KB

.stabstr Size: 9KB - Virtual size: 9KB

.text
Size: 884KB - Virtual size: 883KB

.data
Size: 62KB - Virtual size: 61KB

.rdata
Size: 205KB - Virtual size: 204KB

.bss
Size: - Virtual size: 44KB

.idata
Size: 4KB - Virtual size: 3KB

.stab
Size: 5KB - Virtual size: 5KB

.stabstr
Size: 9KB - Virtual size: 9KB