b3221962f3a66eb3853e1e51a87e0e2e_JaffaCakes118

General

Target

b3221962f3a66eb3853e1e51a87e0e2e_JaffaCakes118
Size

441KB
MD5

b3221962f3a66eb3853e1e51a87e0e2e
SHA1

0f75abed6ca3194e967ac8e36ea5debc5a68e8d2
SHA256

308e48f93f58690327793eaee9445e15def266e36f46778e5e5e91127ea613fd
SHA512

cfa79227eae48443e7eedfc549396dfc5c1bdc7e4d5bf0940abe0ce63dbe29e102fe29f362c84cd0d7e4c7dd6c0352621886c08ea9a6301e52b6696ea869ee1b
SSDEEP

12288:kszD3Qd9fsuBLqghnD1Jjv7NXKX6CpA7J:kszDW9fsmLqghD1Jjv7NXKX6CpA7J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3221962f3a66eb3853e1e51a87e0e2e_JaffaCakes118

Files

b3221962f3a66eb3853e1e51a87e0e2e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e39c3897730c54ec3d66cd56379fe03f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cygwin1

__errno
__main
_ctype_
_exit
_fcntl64
_geteuid32
_getuid32
_open64
_stat64
abort
accept
atoi
atol
bind
calloc
close
connect
ctime
cygwin_internal
dll_crt0__FP11per_process
execl
exit
fork
free
gethostbyname
getpid
getppid
getsockname
inet_ntoa
listen
localtime
malloc
memcpy
memset
printf
pthread_atfork
puts
rand
read
realloc
recvfrom
select
sendto
setsid
setsockopt
signal
snprintf
socket
sprintf
srand
sscanf
strcasecmp
strchr
strcmp
strcpy
strerror
strlen
strncasecmp
strncpy
strpbrk
strstr
time
unlink
usleep
vsprintf
waitpid
write

kernel32

AddAtomA
FindAtomA
GetAtomNameA
GetModuleHandleA

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stab
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.stabstr
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e39c3897730c54ec3d66cd56379fe03f

Headers

File Characteristics

Imports

cygwin1

kernel32

Sections

.text Size: 159KB - Virtual size: 159KB

.data Size: 6KB - Virtual size: 6KB

.bss Size: - Virtual size: 17KB

.idata Size: 2KB - Virtual size: 1KB

.stab Size: 190KB - Virtual size: 190KB

.stabstr Size: 46KB - Virtual size: 46KB

.text
Size: 159KB - Virtual size: 159KB

.data
Size: 6KB - Virtual size: 6KB

.bss
Size: - Virtual size: 17KB

.idata
Size: 2KB - Virtual size: 1KB

.stab
Size: 190KB - Virtual size: 190KB

.stabstr
Size: 46KB - Virtual size: 46KB