eb350d49b9744b4a0ad263d25369d895_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eb350d49b9744b4a0ad263d25369d895_JaffaCakes118
Size

230KB
MD5

eb350d49b9744b4a0ad263d25369d895
SHA1

a29257f3aa755c5881eefaa5dc1a1bb95ef19165
SHA256

a4a0f060ad65f8ae8eb0a232c45c3774c9a2d94cc897f8bdc68646f5f0072272
SHA512

8fd9ae79a5adef096a6f5ea2b7acae4188bee103d6efccf77595336a7814470e5d2f836d4e1a3cc58ac3a963631b837e4fbd75bbaf725d46bb541b509908cfc1
SSDEEP

6144:pnf4/gAj7BnGP5chThsRF2dzSx+oE5agTra+:R4IA3BnGP5chTKFg2xs5fD

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/aircrack-2.22/win32/aircrack.exe
unpack001/aircrack-2.22/win32/airdecap.exe
unpack001/aircrack-2.22/win32/airodump.exe
unpack001/aircrack-2.22/win32/wzcook.exe

Files

eb350d49b9744b4a0ad263d25369d895_JaffaCakes118
.zip
aircrack-2.22/ChangeLog
aircrack-2.22/Makefile
aircrack-2.22/README.html
.html
aircrack-2.22/README.txt
aircrack-2.22/airmon.sh
.sh linux
aircrack-2.22/linux/aircrack.c
aircrack-2.22/linux/airdecap.c
aircrack-2.22/linux/aireplay.c
aircrack-2.22/linux/airodump.c
aircrack-2.22/linux/arpforge.c
aircrack-2.22/linux/crctable.h
aircrack-2.22/linux/crypto.c
aircrack-2.22/linux/crypto.h
aircrack-2.22/linux/kismet.conf~
aircrack-2.22/linux/patch/hostap-driver-0.3.9.patch
aircrack-2.22/linux/patch/madwifi-cvs-20050814.patch
aircrack-2.22/linux/patch/prism54-svn-20050724.patch
aircrack-2.22/linux/patch/rt2500-cvs-20050724.patch
aircrack-2.22/linux/patch/rtl8180-0.21.patch
aircrack-2.22/linux/patch/wlanng-0.2.1-pre26.patch
aircrack-2.22/linux/pcap.h
aircrack-2.22/linux/sha1-mmx.S
aircrack-2.22/linux/uniqueiv.c
aircrack-2.22/test/Makefile
aircrack-2.22/test/kstats.c
aircrack-2.22/test/makeivs.c
aircrack-2.22/test/password.lst
aircrack-2.22/test/wpa.cap
aircrack-2.22/win32/aircrack.exe
.exe windows:4 windows x86 arch:x86

ffc5e05f4ba0bbfbe14d92d00f54021e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__main
_fcntl64
_fdopen64
_fopen64
_impure_ptr
_open64
atoi
calloc
cygwin_internal
dll_crt0__FP11per_process
fflush
fgets
fprintf
free
fwrite
getopt
gettimeofday
ioctl
malloc
memcpy
memset
optarg
optind
perror
pipe
printf
putchar
puts
qsort
rand
read
realloc
scanf
signal
sleep
sscanf
strchr
strcmp
strcpy
strlen
strncpy
usleep
write
_fcntl64
_fdopen64
_fopen64
_open64
__getreent
pthread_cond_broadcast
pthread_cond_init
pthread_cond_wait
pthread_create
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock

kernel32

ExitProcess
GetModuleHandleA

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 147KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
aircrack-2.22/win32/airdecap.exe
.exe windows:4 windows x86 arch:x86

0e0a47c17350e9fc6ee35c90411d78ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryA
GetModuleFileNameA
GetModuleHandleA
SetConsoleTextAttribute
GetStdHandle
SetConsoleCursorPosition
FillConsoleOutputCharacterA
FillConsoleOutputAttribute
GetConsoleScreenBufferInfo
SetConsoleWindowInfo
SetConsoleScreenBufferSize
SetConsoleTitleA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
GetLastError
WriteFile
HeapFree
CloseHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
FlushFileBuffers
SetHandleCount
GetFileType
GetStartupInfoA
ReadFile
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
MultiByteToWideChar
SetFilePointer
SetStdHandle
GetStringTypeA
GetStringTypeW
CreateFileA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
SetEnvironmentVariableA

user32

LoadIconA
SendMessageA
FindWindowA

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
aircrack-2.22/win32/airodump.exe
.exe windows:4 windows x86 arch:x86

93966cc94a32ed5862bb21c40eb04cc8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCtrlHandler
CreateSemaphoreA
GetProcAddress
LoadLibraryA
CreateEventA
Sleep
SetConsoleTextAttribute
GetStdHandle
SetConsoleCursorPosition
GetTickCount
FillConsoleOutputAttribute
GetConsoleScreenBufferInfo
SetConsoleWindowInfo
SetConsoleScreenBufferSize
GetModuleHandleA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
SetConsoleTitleA
ReleaseSemaphore
WaitForSingleObject
FillConsoleOutputCharacterA
GetSystemTimeAsFileTime
SetEndOfFile
GetOEMCP
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
GetLastError
SetFilePointer
WriteFile
ReadFile
SetHandleCount
GetFileType
GetStartupInfoA
FlushFileBuffers
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
CloseHandle
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
SetStdHandle
CreateFileA
GetCPInfo
GetACP
SetEnvironmentVariableA

user32

LoadIconA
SendMessageA
FindWindowA

advapi32

RegEnumKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyA

shell32

ShellExecuteA

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
aircrack-2.22/win32/wzcook.exe
.exe windows:4 windows x86 arch:x86

7aa4b7e81bf370a5ec62d6dcd33b058b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
LCMapStringA
GetLastError
GetStringTypeW
GetStringTypeA
GetOEMCP
GetCommandLineA
LoadLibraryA
GetProcAddress
ExitProcess
SetConsoleTitleA
GetModuleHandleA
SetConsoleScreenBufferSize
SetConsoleWindowInfo
GetConsoleScreenBufferInfo
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
SetConsoleCursorPosition
GetStdHandle
SetEndOfFile
SetConsoleTextAttribute
TerminateProcess
GetCurrentProcess
GetVersion
SetHandleCount
GetFileType
GetStartupInfoA
HeapAlloc
HeapFree
CloseHandle
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
MultiByteToWideChar
SetFilePointer
VirtualAlloc
HeapReAlloc
FlushFileBuffers
CreateFileA
SetStdHandle
ReadFile
GetCPInfo
GetACP
LCMapStringW

user32

FindWindowA
LoadIconA
SendMessageA
MessageBoxA

advapi32

StartServiceCtrlDispatcherA
OpenSCManagerA
OpenServiceA
DeleteService
CreateServiceA
StartServiceA
CloseServiceHandle
RegisterServiceCtrlHandlerA
SetServiceStatus
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
RegCloseKey
GetUserNameA

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ffc5e05f4ba0bbfbe14d92d00f54021e

Headers

File Characteristics

Imports

cygwin1

kernel32

Sections

.text Size: 53KB - Virtual size: 53KB

.data Size: 1KB - Virtual size: 1KB

.rdata Size: 4KB - Virtual size: 3KB

.bss Size: - Virtual size: 147KB

.idata Size: 2KB - Virtual size: 1KB

0e0a47c17350e9fc6ee35c90411d78ae

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 152KB

.rsrc Size: 4KB - Virtual size: 928B

93966cc94a32ed5862bb21c40eb04cc8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 140KB

.rsrc Size: 4KB - Virtual size: 928B

7aa4b7e81bf370a5ec62d6dcd33b058b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 928B

.text
Size: 53KB - Virtual size: 53KB

.data
Size: 1KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 3KB

.bss
Size: - Virtual size: 147KB

.idata
Size: 2KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 152KB

.rsrc
Size: 4KB - Virtual size: 928B

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 140KB

.rsrc
Size: 4KB - Virtual size: 928B

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 928B