140165257c69ecb792006a94ccb8ec5f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

140165257c69ecb792006a94ccb8ec5f_JaffaCakes118
Size

350KB
MD5

140165257c69ecb792006a94ccb8ec5f
SHA1

99db6c93a6198905020a84dcb8c91ef6dfcac737
SHA256

c7c4ef849ed945a35357a3def20259412da13728477f99b48212d4a44b592e66
SHA512

56e963f19d9b53f27d78dff0db0e933f155b4345ae202a43715a8063cf4ae973d00d0031ffb57c0f11aba1a53d799e4c7c16495f70069428cd13bd243e1afd0e
SSDEEP

6144:FQbE+1alqhaOkQ4QN6vYiHzeGhGMKXIOsR9YCzSgQ0GhYdDHjtqB4MYhug9Y8LZ8:FQbE+1+q6QN6vYsBhGFIOsRyCWnYdl6F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
140165257c69ecb792006a94ccb8ec5f_JaffaCakes118

Files

140165257c69ecb792006a94ccb8ec5f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

694e0efa521d0e227a40131ac40cf508

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__assert
__errno
__getreent
__main
__mb_cur_max
_ctype_
_exit
_fcntl64
_fdopen64
_fopen64
_fstat64
_getegid32
_geteuid32
_getgid32
_getgroups32
_getuid32
_impure_ptr
_open64
_stat64
abort
accept
access
atof
atoi
bind
btowc
calloc
close
connect
ctime
cygwin_internal
dlerror
dll_crt0__FP11per_process
dlopen
dlsym
dup
execl
exit
fclose
fflush
fgets
fileno
fork
fprintf
fputc
fputs
free
fwrite
getenv
gethostbyname
getpgrp
getpid
getppid
getservbyname
gmtime
grantpt
isatty
iswalnum
iswctype
iswlower
iswupper
kill
listen
localeconv
localtime
longjmp
malloc
mbrlen
mbrtowc
mbsinit
memcpy
memmove
memset
nl_langinfo
pclose
pipe
popen
printf
ptsname
putc
puts
qsort
read
realloc
recvfrom
setjmp
setlocale
setmode
setsockopt
shutdown
signal
snprintf
socket
sprintf
sscanf
strcasecmp
strchr
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncasecmp
strncmp
strncpy
strrchr
strtod
strtol
strtoul
system
tcgetattr
tcsetattr
time
towlower
towupper
unlockpt
vfprintf
wait
wcrtomb
wcscoll
wctype
_fcntl64
_fdopen64
_fopen64
_fstat64
_getegid32
_geteuid32
_getgid32
_getgroups32
_getuid32
_open64
_stat64
atan2
ceil
cos
exp
floor
fmod
log
pow
sin
sqrt

cygintl-8

libintl_bindtextdomain
libintl_dcgettext
libintl_dcngettext
libintl_dgettext
libintl_gettext
libintl_textdomain

kernel32

GetModuleHandleA

Sections

.text
Size: 237KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

694e0efa521d0e227a40131ac40cf508

Headers

File Characteristics

Imports

cygwin1

cygintl-8

kernel32

Sections

.text Size: 237KB - Virtual size: 237KB

.data Size: 1024B - Virtual size: 912B

.rdata Size: 43KB - Virtual size: 42KB

.bss Size: - Virtual size: 15KB

.idata Size: 68KB - Virtual size: 68KB

.text
Size: 237KB - Virtual size: 237KB

.data
Size: 1024B - Virtual size: 912B

.rdata
Size: 43KB - Virtual size: 42KB

.bss
Size: - Virtual size: 15KB

.idata
Size: 68KB - Virtual size: 68KB