cb56fea626f8875b35c1886e2006d774_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cb56fea626f8875b35c1886e2006d774_JaffaCakes118
Size

1KB
MD5

cb56fea626f8875b35c1886e2006d774
SHA1

6b67477c8fd44295e07ee6a3d67c78fc0dc99e67
SHA256

03cad7e32979586bb7e6c08cf21e3ba03edde7bb517ed4544e40299344422022
SHA512

fcfbf8ef028326cc407e004b9afb0c468d393cf9ddde5ef34f08f9d16f23e9b1e13f9dfd7c02eb58f608a5d1c23919188a1b2b87e7e358dc3d775728cd8ffff0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb56fea626f8875b35c1886e2006d774_JaffaCakes118

Files

cb56fea626f8875b35c1886e2006d774_JaffaCakes118
.sys windows:4 windows x86 arch:x86

87637570e70f9342900f76ec3f788d0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwOpenKey
ZwQueryValueKey
ZwClose

Sections

.text
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 128B - Virtual size: 110B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 32B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ