Static task
static1
Behavioral task
behavioral1
Sample
0c36c0ba4adf71e0e9d5e53075b1e0e0_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0c36c0ba4adf71e0e9d5e53075b1e0e0_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
0c36c0ba4adf71e0e9d5e53075b1e0e0_JaffaCakes118
-
Size
200KB
-
MD5
0c36c0ba4adf71e0e9d5e53075b1e0e0
-
SHA1
a844c5eaef557fbe013006d188f4c84046244af0
-
SHA256
fca7195a227012dc1aa04c82de2b19e3b7d59ce0c367dd1ae11212c46551a088
-
SHA512
9ab9b1549c5db9411046f7a54dff329fa6858c8ab10f1b501a2121e60120ab391ad7bf8e9b8dde711126d28e1e53ccb14c5b14a9f33e97c2475012e96432d263
-
SSDEEP
3072:HYTq9swCB1kPFrlAWtcQj3IB/f8zyMkatHequT2lBX4KEeB6jqElYtXQ:Hv0A5rcneeqXBX4KEeBSqElYtXQ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature. An unsigned PE is a weak indicator on its own, since many legitimate binaries are also unsigned.
resource 0c36c0ba4adf71e0e9d5e53075b1e0e0_JaffaCakes118
Files
-
0c36c0ba4adf71e0e9d5e53075b1e0e0_JaffaCakes118.exe windows:4 windows x86 arch:x86
1048c8ce89fa79bd046d43cb8965cdcf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
cygcrypto-0.9.8
CRYPTO_free
DES_ecb_encrypt
DES_set_key
DES_set_odd_parity
ERR_error_string
ERR_get_error
MD4_Final
MD4_Init
MD4_Update
MD5_Final
MD5_Init
MD5_Update
OPENSSL_add_all_algorithms_noconf
RAND_egd
RAND_file_name
RAND_load_file
RAND_status
X509_NAME_get_text_by_NID
X509_NAME_oneline
X509_free
X509_get_issuer_name
X509_get_subject_name
X509_verify_cert_error_string
cygwin1
__assert
__errno
__getreent
__main
_fdopen64
_fopen64
_freopen64
_fseeko64
_fstat64
_ftello64
_getpwuid32
_getuid32
_impure_ptr
_lstat64
_mmap64
_open64
_stat64
abort
accept
access
atoi
bind
calloc
chmod
close
connect
cygwin_internal
dll_crt0__FP11per_process
exit
fclose
fflush
fgetc
fgets
fileno
fork
fprintf
fputc
fputs
fread
free
fwrite
getenv
gethostbyname
getopt_long
getpeername
getsockname
h_errno
inet_addr
inet_ntoa
ioctl
isatty
listen
localeconv
localtime
longjmp
malloc
memchr
memcpy
memmove
memset
mkdir
mktime
munmap
nanosleep
optarg
optind
perror
printf
putc
putchar
qsort
rand
read
readlink
realloc
recv
rename
select
setitimer
setjmp
setlocale
setsid
setsockopt
signal
sigprocmask
snprintf
socket
sprintf
srand
sscanf
strcasecmp
strcat
strchr
strcmp
strcpy
strdup
strerror
strlen
strncasecmp
strncmp
strncpy
strpbrk
strptime
strrchr
strstr
strtok
strtoll
symlink
time
timegm
unlink
utime
vfprintf
vsnprintf
write
optarg
optarg
optarg
optarg
optarg
optarg
optind
optind
optind
optind
optind
cygintl-8
libintl_bindtextdomain
libintl_gettext
libintl_textdomain
cygssl-0.9.8
SSL_CTX_ctrl
SSL_CTX_free
SSL_CTX_load_verify_locations
SSL_CTX_new
SSL_CTX_set_default_verify_paths
SSL_CTX_set_verify
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_certificate_file
SSL_connect
SSL_free
SSL_get_error
SSL_get_peer_certificate
SSL_get_verify_result
SSL_library_init
SSL_load_error_strings
SSL_new
SSL_peek
SSL_pending
SSL_read
SSL_set_connect_state
SSL_set_fd
SSL_shutdown
SSL_write
SSLv23_client_method
SSLv2_client_method
SSLv3_client_method
TLSv1_client_method
kernel32
GetModuleHandleA
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
Sections
.text Size: 139KB - Virtual size: 138KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 35KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 16KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE