Static task
static1
Behavioral task
behavioral1
Sample
00df9a57d46abb4607e078a21e962045_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
00df9a57d46abb4607e078a21e962045_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
00df9a57d46abb4607e078a21e962045_JaffaCakes118
-
Size
1.8MB
-
MD5
00df9a57d46abb4607e078a21e962045
-
SHA1
b5724710f7fd952c8f9bcf51695e2775c4ffacf3
-
SHA256
c5a99f1511e6e7b37c9b28324c1d7b69ec174d9bdc837269f44cf6519411e3c5
-
SHA512
044117f487454446f49ab09c7180114c57c5f7f22273cbe2bc9d7c430e31f9a1c1451790aff4ded1e039a11e07131064d64a95afefc52310f4990493f270510a
-
SSDEEP
24576:ts9WcFVlFF4j7KPAmGQMBAUZLYAywGKH3Gavkg3NyElQhbbToKuHfg1feK:tsHFiniaBAUZLYA/fH3GaXDQuKuHQeK
Malware Config
Signatures
-
Unsigned PE 1 IoCs
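Checks for a missing Authenticode signature. The sample carries none; unsigned PE files are also common among benign software, so on its own this is a weak indicator.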
resource 00df9a57d46abb4607e078a21e962045_JaffaCakes118
Files
-
00df9a57d46abb4607e078a21e962045_JaffaCakes118.exe windows:4 windows x86 arch:x86
7d351ecc6cb81b426cc9eb3f0cb37702
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
cygwin1
__assert_func
__errno
__getreent
__locale_mb_cur_max
__main
_ctype_
_dll_crt0@0
_fcntl64
_fdopen64
_fopen64
_fstat64
_ftruncate64
_getegid32
_geteuid32
_getgid32
_getuid32
_impure_ptr
_lseek64
_mmap64
_open64
_stat64
_timezone
abort
accept
access
argz_count
argz_next
argz_stringify
atexit
atoi
bind
bsearch
calloc
cfsetispeed
cfsetospeed
chdir
close
connect
cygwin_detach_dll
cygwin_internal
dlclose
dlerror
dll_dllcrt0
dlopen
dlsym
execl
exit
fclose
fflush
fgets
fileno
fork
fprintf
fputc
fread
free
freeaddrinfo
fscanf
fseek
fsync
fwrite
gai_strerror
getaddrinfo
getcwd
getenv
gethostbyname
getopt_long
getpid
getservbyname
getsockname
gettimeofday
inet_addr
inet_aton
inet_ntop
inet_pton
ioctl
listen
localtime
localtime_r
longjmp
malloc
mbrtowc
memcpy
memmove
mempcpy
memset
msync
munmap
nl_langinfo
optarg
opterr
optind
perror
posix_memalign
printf
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_timedwait
pthread_cond_wait
pthread_create
pthread_exit
pthread_getspecific
pthread_join
pthread_key_create
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock
pthread_mutexattr_init
pthread_mutexattr_settype
pthread_once
pthread_rwlock_init
pthread_rwlock_rdlock
pthread_rwlock_unlock
pthread_rwlock_wrlock
pthread_setcancelstate
pthread_setcanceltype
pthread_setspecific
pthread_sigmask
putc
putchar
puts
qsort
rand
random
read
realloc
recvfrom
recvmsg
rewind
select
send
sendmsg
sendto
setjmp
setlinebuf
setsockopt
shutdown
sigaction
sigaddset
sigemptyset
signal
snprintf
socket
sprintf
srandom
sscanf
stpcpy
strcasecmp
strchr
strcmp
strcpy
strcspn
strdup
strerror
strftime
strlen
strncmp
strncpy
strpbrk
strrchr
strstr
strtol
strtoul
strtoull
sysconf
tcflush
tcgetattr
tcsetattr
time
tsearch
umask
unlink
usleep
vfprintf
vsnprintf
waitpid
wcrtomb
write
wpcap
pcap_close
pcap_datalink_name_to_val
pcap_dump
pcap_dump_close
pcap_dump_flush
pcap_dump_open
pcap_findalldevs_ex
pcap_freealldevs
pcap_next
pcap_open
pcap_open_dead
pcap_sendpacket
kernel32
GetACP
GetModuleHandleA
GetProcAddress
Sections
.text Size: 784KB - Virtual size: 784KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
/4 Size: 512B - Virtual size: 184B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 5KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 51KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE