173d80e72caac56b51508d0719ee36e2_JaffaCakes118

General

Target

173d80e72caac56b51508d0719ee36e2_JaffaCakes118
Size

99KB
MD5

173d80e72caac56b51508d0719ee36e2
SHA1

3e65f020732339c203fe0afd11811bbb8c314307
SHA256

a3723a68ceeeaf92f953f7ad7148349d8d56511a97b1ade31b791217c3d959cd
SHA512

f40f2db3a7cdc7d40d011abd05ee986830c13ca4e2eb5cce48878bf6f794202bf238c0e8d3bbe2cdd53d96abaf8b36d6ff678f18efd3b0c69467326ae3b10545
SSDEEP

1536:7UqAWYfphS6Ba19/yc21kpF8k8xFLKwNAg5dJ871sqAo5/ARoTHCEmI:oqAJXSZ19h21kpmFrxNr01jHfCDI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
173d80e72caac56b51508d0719ee36e2_JaffaCakes118

Files

173d80e72caac56b51508d0719ee36e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7e25f3db656ee879d35085929b33819

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__getreent
__main
_exit
_fcntl64
_fopen64
_impure_ptr
accept
alarm
atexit
atoi
bind
calloc
close
closelog
connect
cygwin_internal
daemon
difftime
dll_crt0__FP11per_process
execvp
exit
fclose
fflush
fork
fprintf
free
getenv
gethostbyname
getopt
getpid
getppid
gettimeofday
h_errno
hstrerror
htons
kill
listen
localtime
longjmp
malloc
memmove
memset
openlog
optarg
pause
poll
random
read
realloc
setjmp
setsockopt
shutdown
sigaction
sigemptyset
sigprocmask
sleep
snprintf
socket
srandom
strchr
strcmp
strerror
strftime
strlen
strncasecmp
strtol
strtoul
time
uname
unlink
vfprintf
vsyslog
waitpid
write

kernel32

GetModuleHandleA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 664B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e7e25f3db656ee879d35085929b33819

Headers

DLL Characteristics

File Characteristics

Imports

cygwin1

kernel32

Sections

.text Size: 12KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 56B

.rdata Size: 4KB - Virtual size: 3KB

.bss Size: - Virtual size: 664B

.idata Size: 2KB - Virtual size: 1KB

.hdata Size: 80KB - Virtual size: 80KB

.text
Size: 12KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 56B

.rdata
Size: 4KB - Virtual size: 3KB

.bss
Size: - Virtual size: 664B

.idata
Size: 2KB - Virtual size: 1KB

.hdata
Size: 80KB - Virtual size: 80KB