Static task
static1
Behavioral task
behavioral1
Sample
3c2ce017eb14509bf02229b36523d5c1_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3c2ce017eb14509bf02229b36523d5c1_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
3c2ce017eb14509bf02229b36523d5c1_JaffaCakes118
-
Size
1.3MB
-
MD5
3c2ce017eb14509bf02229b36523d5c1
-
SHA1
ed3d59a20849706eb2ff4fd38d81b61127a353cc
-
SHA256
7c314a1abf7f863e2c4b6a2cba18c2959084864756257c87f845e04c3fb41657
-
SHA512
4ffc3bc3a8b6a26507a538d0ef3c4450a784036855201f79113eb6c298d43bc7f49408f79c2649ee415eb64fc40361cd5680167a9f88dc18c21c8d53474ae3e2
-
SSDEEP
24576:msoLL7vpSewOP9U5bMzUDGcMCdDPZUbpgI18bwroPr07qO2jRhyGizil7:msGnprwkqbM/sZibpg28YIr07F2jYg
Malware Config
Signatures
-
Unsigned PE 1 IoCs
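Checks for a missing Authenticode signature: this PE file is unsigned, so its publisher and integrity cannot be verified from a signature. On its own this is a weak indicator, since many legitimate binaries are unsigned, including ones linked against Cygwin as this sample's import table shows.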
resource 3c2ce017eb14509bf02229b36523d5c1_JaffaCakes118
Files
-
3c2ce017eb14509bf02229b36523d5c1_JaffaCakes118.exe windows:4 windows x86 arch:x86
2f456ac36f723dc52d12e33b32e861f3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
cygwin1
__assert
__errno
__getreent
__main
_acl32
_ctype_
_exit
_fchown32
_fdopen64
_fopen64
_fseeko64
_fstat64
_ftello64
_getgid32
_getpwuid32
_getuid32
_impure_ptr
_lseek64
_lstat64
_open64
_stat64
access
atoi
atol
calloc
chdir
chmod
close
closedir
ctime
cygwin_conv_to_posix_path
cygwin_internal
dlclose
dlerror
dll_crt0__FP11per_process
dlopen
dlsym
dup
dup2
execl
execvp
exit
fclose
fflush
fgets
fileno
fork
fprintf
fputc
fputs
fread
free
fseek
fsync
ftell
fwrite
getc
getcwd
getenv
getpid
getpwnam
getrlimit
gettimeofday
ioctl
isatty
iswupper
kill
localtime
longjmp
malloc
memchr
memcpy
memmove
memset
mkdir
nanosleep
nl_langinfo
opendir
pipe
printf
putc
qsort
read
readdir
readlink
realloc
rename
rewind
rmdir
select
setenv
setjmp
setlocale
setsid
signal
sigset
sprintf
sscanf
strcasecmp
strcat
strchr
strcmp
strcpy
strerror
strftime
strlen
strncasecmp
strncat
strncmp
strncpy
strpbrk
strrchr
strstr
strtok
strtol
sync
sysconf
tcgetattr
tcsetattr
time
towlower
towupper
umask
uname
ungetc
unlink
utime
wait
waitpid
write
cygiconv-2
libiconv
libiconv_close
libiconv_open
cygintl-8
_nl_msg_cat_cntr
libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_gettext
libintl_textdomain
_nl_msg_cat_cntr
cygncurses-8
BC
PC
UP
ospeed
tgetent
tgetflag
tgetnum
tgetstr
tgoto
tputs
PC
PC
BC
BC
UP
UP
ospeed
kernel32
GetModuleHandleA
IsDBCSLeadByteEx
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 105KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 34KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE