bba6eb29eec5216638fafb0c39ca6b7a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bba6eb29eec5216638fafb0c39ca6b7a_JaffaCakes118
Size

96KB
MD5

bba6eb29eec5216638fafb0c39ca6b7a
SHA1

2d5790dcbc151e892792d46fe468d2401bec4263
SHA256

e37b90e26e9225278e5af3a4624d8e39fe94f6919e7ad09135ab43497dd3d0d7
SHA512

0be9a66f79efbd0eba62abaf39dc5e5321e862924d19816bf21f41dbe3648466a94fd0ea1f2dd2c667f48cecbb34e7a4f61c9af24fddcab36d11009a14d3f5d7
SSDEEP

1536:gRCdB7ha2w87cnKx3jOIO7MEzjfvE9VnDVgQgFY01KEwiWRHdsd+GYE:1dlhaYx3jxO7Tk6FW/PRHOdfj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bba6eb29eec5216638fafb0c39ca6b7a_JaffaCakes118

Files

bba6eb29eec5216638fafb0c39ca6b7a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a8d728e9704cb696b6617d5e79858248

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteConsoleA
ReadFileScatter
WriteConsoleInputVDMA
TryEnterCriticalSection
FindFirstFileW
lstrcmpiA
GetDriveTypeA
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.text
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE