08352b92a4792e5e608b181d1491a700_JaffaCakes118

General

Target

08352b92a4792e5e608b181d1491a700_JaffaCakes118
Size

193KB
MD5

08352b92a4792e5e608b181d1491a700
SHA1

efea22929c606f3474e4f23439e8454e324b8058
SHA256

99c84aea345e02be6372637e5c4bf87954c4345714b04542e9a18533139719f4
SHA512

4ec394dd81415ba072762871b20138059345314b044b9147a46a8931241d152e591e3bb72c2ee431e6e68bdcaca83bbcb52be6b7fd63539cb66ed78d3ab10cd9
SSDEEP

3072:NTL47ANw/M/vfL6TRo/0t51KvcEyPPe6iR28fXezgDaPVR:9j+TiDvo/9zgmt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08352b92a4792e5e608b181d1491a700_JaffaCakes118

Files

08352b92a4792e5e608b181d1491a700_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d36a081c2e29304a4ba6ea70df181a6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__getreent
__main
_ctype_
_fopen64
_impure_ptr
_open64
_stat64
abort
access
atoi
calloc
close
cygwin_internal
dll_crt0__FP11per_process
exit
fclose
fflush
fgets
fileno
fprintf
fputc
fputs
fread
free
fseek
ftell
fwrite
getc
getcwd
getenv
getpwnam
isatty
localtime
malloc
memchr
memcpy
memmove
memset
mkdir
pathconf
perror
printf
putc
puts
qsort
read
realloc
setlocale
sprintf
sscanf
strcasecmp
strcat
strchr
strcmp
strcpy
strerror
strlen
strncasecmp
strncat
strncmp
strncpy
strrchr
strstr
time
ungetc
unlink
vfprintf
vsprintf
write

cygintl-3

libintl_bindtextdomain
libintl_gettext
libintl_textdomain

kernel32

GetModuleHandleA

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d36a081c2e29304a4ba6ea70df181a6a

Headers

File Characteristics

Imports

cygwin1

cygintl-3

kernel32

Sections

.text Size: 129KB - Virtual size: 129KB

.data Size: 25KB - Virtual size: 25KB

.rdata Size: 29KB - Virtual size: 28KB

.bss Size: - Virtual size: 11KB

.idata Size: 8KB - Virtual size: 8KB

.text
Size: 129KB - Virtual size: 129KB

.data
Size: 25KB - Virtual size: 25KB

.rdata
Size: 29KB - Virtual size: 28KB

.bss
Size: - Virtual size: 11KB

.idata
Size: 8KB - Virtual size: 8KB