3a1de10493e3dcd195072703c84b91d2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a1de10493e3dcd195072703c84b91d2_JaffaCakes118
Size

75KB
MD5

3a1de10493e3dcd195072703c84b91d2
SHA1

9899d16a134e5b8a36e2de0a3626bcda753be598
SHA256

7c557d46722db760a61b3e40693d64c9203293cee200f30e8c423beee402c920
SHA512

7b4e71107915582c233c368e7f0b18d11db9a68955b0b496bebc47e2208fc9c290cae6f3012ae32842cd55a70570e27558972f55d6f4f542139a6280f9069b2c
SSDEEP

1536:km/RMK+5L5ZvXtoVD9gmXm3yvxWPuqlWabnv0jfmH3GyH:KTvGDcWW2qlWa7szmH1H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a1de10493e3dcd195072703c84b91d2_JaffaCakes118

Files

3a1de10493e3dcd195072703c84b91d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6793173fc747f53f62d60ff97a4535c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__getreent
__main
_ctype_
_exit
_fchown32
_fcntl64
_fstat64
_impure_ptr
_lseek64
_lstat64
_open64
atoi
calloc
close
closedir
cygwin_internal
dll_crt0__FP11per_process
dup
exit
fchmod
fflush
fileno
fprintf
fputc
free
fwrite
getc
getenv
isatty
localtime
malloc
memcpy
memmove
memset
opendir
perror
printf
putc
putchar
puts
raise
read
readdir
realloc
sigaction
sigaddset
sigemptyset
sigismember
signal
sigprocmask
strcat
strchr
strcmp
strcpy
strcspn
strlen
strncmp
strrchr
strspn
unlink
utime
write

kernel32

GetModuleHandleA

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 322KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE