dd6b9a45e805ee6ce353ffd49cc1a81d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dd6b9a45e805ee6ce353ffd49cc1a81d_JaffaCakes118
Size

27KB
MD5

dd6b9a45e805ee6ce353ffd49cc1a81d
SHA1

77f3a2230f3eb65fcf9ef4692f42ed38131283ed
SHA256

5c31e2c3945b37c7e0f99d510dc9d4501a63b07a2eefb9eb4c91b2be0cefbc5f
SHA512

4eba6576fac4ccad1d00edb42ba8f08cba21ec0ee536cde80f2e7692777b6ca3f0159ff65ed7da3a01d5a37dc757545b75b5215e9894308a4f0c4c7a8b1507e2
SSDEEP

384:btTbzRJHNq7W1ZLBZuulnMmmey4kuT9Jgba0gT5UpFgxNznTRpNa/8Jge5ud3CES:btT1p1LOt4tgbaNaoHIeud3jiVfAI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cogs_irc.exe

Files

dd6b9a45e805ee6ce353ffd49cc1a81d_JaffaCakes118
.zip
cogs_chall.h
cogs_irc.c
cogs_irc.exe
.exe windows:4 windows x86 arch:x86

f67bcc3296901a22971d24b9790c9da3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateThread
ExitProcess
SetUnhandledExceptionFilter
Sleep

msvcrt

_strdup
_stricmp
_strnicmp
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_iob
_onexit
_setmode
_vsnprintf
atexit
atoi
exit
fclose
fflush
fgetc
fgets
fopen
fprintf
fputc
fputs
free
fwrite
malloc
memcpy
memmove
memset
printf
puts
rand
realloc
setbuf
signal
sprintf
srand
strchr
strcpy
strerror
strlen
strncpy
time
tolower

ws2_32

WSAGetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyname
htons
inet_addr
inet_ntoa
listen
ntohs
recv
select
send
setsockopt
shutdown
socket

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cogs_irc.ini
cogs_irc.txt
cogs_irc_chall.h
sockline.h
winerr.h

Sharing

General

Malware Config

Signatures

Files

f67bcc3296901a22971d24b9790c9da3

Headers

File Characteristics

Imports

kernel32

msvcrt

ws2_32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 512B - Virtual size: 64B

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: - Virtual size: 5KB

.idata Size: 2KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 512B - Virtual size: 64B

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: - Virtual size: 5KB

.idata
Size: 2KB - Virtual size: 1KB