bda1f9b336d946cb0c97e75176214562_JaffaCakes118 | Triage

Sharing

General

Target

bda1f9b336d946cb0c97e75176214562_JaffaCakes118
Size

76KB
MD5

bda1f9b336d946cb0c97e75176214562
SHA1

87116261b7d2dfd14292c94e303ebc39b35186a7
SHA256

be9e91ebc6812f9e8203effa04e4147cabe171b3f8e27bd65cf56479f0f18d35
SHA512

4feb5899b7ce9fe68b1627e5dff3dced07e99a7361c612bca50498a91d022d90c7ed19f47672a1389dab2faa7de28615b8ad8defa765f73e215a52a003ca3031
SSDEEP

1536:5ZAccmK8yInIqVgrahnC8083jpzX05H5cl82hW8fPL9:5ScfKMSLbejR05H5u8vYL9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bda1f9b336d946cb0c97e75176214562_JaffaCakes118

Files

bda1f9b336d946cb0c97e75176214562_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4fe63fe8b5766f018fecfaee80f14fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteVolumeMountPointW
FoldStringW
SetConsoleActiveScreenBuffer
GetWindowsDirectoryA
CreateNamedPipeW
_lclose
FoldStringW
SwitchToFiber
FillConsoleOutputAttribute
GetThreadIOPendingFlag
PeekConsoleInputW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE