07047cb830e7a4d6d33b40b0cbdd8076_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07047cb830e7a4d6d33b40b0cbdd8076_JaffaCakes118
Size

42KB
MD5

07047cb830e7a4d6d33b40b0cbdd8076
SHA1

a77c7adbf62ead82f268f9a05e1ac4ba58eaee43
SHA256

e3cbe247e36d59813707771d44e4ecfc31b4141b20e95c8f83a073699325a6eb
SHA512

ba2838de2d2b345257c4121b69e5845e14af328354fa85d897c774086fdbb865394d4f6427b03dd67d266142b36a3e4ea6921189156a137c0e5804eede002e92
SSDEEP

768:eRGcJCq1CradrvdhAtWHy2MVvCKENKUTeV7VlP0EbaOzhrO:CJL1QaZ1CaiVvCjNW7VlP0EbaOZO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07047cb830e7a4d6d33b40b0cbdd8076_JaffaCakes118

Files

07047cb830e7a4d6d33b40b0cbdd8076_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2a7ce4a49a0b116396fc62e9e4114eec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__getreent
__main
_ctype_
_fdopen64
_fopen64
_fstat64
_impure_ptr
access
atoi
calloc
cygwin_internal
dll_crt0__FP11per_process
exit
fclose
fgetc
fgets
fileno
fprintf
fputc
fputs
free
fseek
fwrite
getenv
getopt
malloc
memset
mkstemp
optarg
optind
perror
printf
putc
puts
realloc
remove
rewind
sprintf
strcat
strchr
strcmp
strcpy
strdup
strlen
strncpy
strtol

kernel32

GetModuleHandleA

cygncurses-8

_nc_boolcodes
_nc_boolfnames
_nc_boolnames
_nc_capcmp
_nc_check_termtype2
_nc_curr_col
_nc_curr_line
_nc_disable_period
_nc_doalloc
_nc_find_entry
_nc_first_name
_nc_get_hash_table
_nc_head
_nc_infotocap
_nc_name_match
_nc_numcodes
_nc_numfnames
_nc_numnames
_nc_read_entry_source
_nc_resolve_uses2
_nc_rootname
_nc_set_source
_nc_set_type
_nc_set_writedir
_nc_strcodes
_nc_strfnames
_nc_strnames
_nc_syntax
_nc_tail
_nc_tic_dir
_nc_tic_expand
_nc_tic_written
_nc_tinfo_fkeysf
_nc_tparm_err
_nc_tracing
_nc_trim_sgr0
_nc_user_definable
_nc_visbuf
_nc_visbuf2
_nc_warning
_nc_write_entry
curses_version
keyname
tparm
use_extended_names
_nc_tracing
_nc_tracing
_nc_check_termtype2
_nc_check_termtype2
_nc_head
_nc_head
_nc_head
_nc_disable_period
_nc_disable_period
_nc_curr_line
_nc_curr_line
_nc_curr_col
_nc_tail
_nc_tparm_err
_nc_tparm_err
_nc_tparm_err
_nc_tparm_err
_nc_tparm_err
_nc_tparm_err
_nc_syntax
_nc_syntax
_nc_user_definable
_nc_user_definable
_nc_user_definable
_nc_user_definable
_nc_user_definable
_nc_user_definable

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 560B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MPR
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2a7ce4a49a0b116396fc62e9e4114eec

Headers

File Characteristics

Imports

cygwin1

kernel32

cygncurses-8

Sections

.text Size: 23KB - Virtual size: 23KB

.data Size: 512B - Virtual size: 112B

.rdata Size: 13KB - Virtual size: 13KB

.bss Size: - Virtual size: 560B

.idata Size: 3KB - Virtual size: 3KB

MPR Size: 512B - Virtual size: 4KB

.text
Size: 23KB - Virtual size: 23KB

.data
Size: 512B - Virtual size: 112B

.rdata
Size: 13KB - Virtual size: 13KB

.bss
Size: - Virtual size: 560B

.idata
Size: 3KB - Virtual size: 3KB

MPR
Size: 512B - Virtual size: 4KB