babadeda | fa3d40ce6752360f82f85789de9206da_JaffaCakes118 | Triage

Sharing

General

Target

fa3d40ce6752360f82f85789de9206da_JaffaCakes118
Size

19.3MB
MD5

fa3d40ce6752360f82f85789de9206da
SHA1

b2257a28bd6c5fc2330c43911cb3b09fc7a3f793
SHA256

290fbd80875f828748b26dd45ea64d3a289cb94f5bda9f6998a5f4e054af4d4a
SHA512

0e1be7b19409625f4dd821aaaeec8b0105ca6c5db34ccb2d0dbeec56916a61c12f78164ba09fea0f865c64d0c13dbf933c22175a4ccaceec042ff3f38a2075b9
SSDEEP

196608:ItKgK+WQiP0b9HVd2THcW/VYDzBAdLGMyO2FUAfvHoqToihJ:1gKlcb5Vd2THcWt4wLbyOifvHr

Score

10^/10

babadeda

Malware Config

Signatures

Babadeda Crypter 1 IoCs

resource	yara_rule
sample	family_babadeda

Babadeda family
babadeda

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa3d40ce6752360f82f85789de9206da_JaffaCakes118

Files

fa3d40ce6752360f82f85789de9206da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ