baee5063ebdc6efcf0438829848696a2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

baee5063ebdc6efcf0438829848696a2_JaffaCakes118
Size

83KB
MD5

baee5063ebdc6efcf0438829848696a2
SHA1

c15e2d668bc43cb5f8d9480f267403491548bd87
SHA256

81137589bb562fd29d12750f80aef65070c6187cc635c0d0b8a0d8bb219403e2
SHA512

5017e91e538e83f4e940b2f5b47cb9d0a764e2c36da2593c1e7f02c4e9b56ffc9b94a98b1009cc579c19cf040fdf25aa2f5a2e7d8fd488a626f99627634fbc77
SSDEEP

1536:/j7LXpQVcvyDZzgAM5qz/KEP7Ox0SGRXQNzvgfAfo7T3zDElpjVrs2ryrd1vUQuB:8DzKQ7q0SGlSto7jzDElHs2qbG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
baee5063ebdc6efcf0438829848696a2_JaffaCakes118

Files

baee5063ebdc6efcf0438829848696a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5131bb6d092a828e44e31cf6c6f68ec7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteVolumeMountPointA
CreateEventA
GetConsoleAliasExesW
SetTapePosition
SetProcessWorkingSetSize
CreateProcessInternalWSecure
HeapAlloc
SetConsoleMaximumWindowSize
Heap32ListFirst
SetDllDirectoryW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE