544277de3563b689a2420b2476d6df94_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

544277de3563b689a2420b2476d6df94_JaffaCakes118
Size

66KB
MD5

544277de3563b689a2420b2476d6df94
SHA1

8b8704d3e2636e76c26e11fce72e4615fa3d9bef
SHA256

9d179be0bc755c3674b35e0e9adec25303e5521a6b4fefd07d63fa0651ccb369
SHA512

2d0c9652ed9fde6e8ac7e9064bd3772d5f8e5412e5d42a4ef3ecfa8478cd44cdb645506266235a920644b86d0b7f2390ce5d3bbe7774f90862af3850af374601
SSDEEP

1536:JSV9geQtVWtzESGf4T9ejDffcp+vE+9wQxe34z:JSV9gfWtzNGfiyDLvE+qee3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
544277de3563b689a2420b2476d6df94_JaffaCakes118

Files

544277de3563b689a2420b2476d6df94_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b6aa8bddb91ff948e284e59fbc54c8e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SearchPathA
OpenWaitableTimerW
GetNextVDMCommand
GetModuleHandleA
GetConsoleAliasA
TlsGetValue
PulseEvent
lstrcmpW
GetCommandLineA
SetFileApisToANSI
GetConsoleKeyboardLayoutNameA
GetThreadPriorityBoost

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE