194c717ade74eafe6516b8d0f010b295_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

194c717ade74eafe6516b8d0f010b295_JaffaCakes118
Size

4KB
MD5

194c717ade74eafe6516b8d0f010b295
SHA1

6ac5774fedfcf00b290cee2098e1305b780fc064
SHA256

e38f5b44860514a8155ccd48fbdc5fa86e13c7883509f81af35d9f19b35669c2
SHA512

b0ffbb06004dceada37ac5a6f956f3b1f6f6abc4001edb377df05f513fab48b57807022fab23e769437680705737a80498c509ad31439be4a23239f0eeb88e5d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
194c717ade74eafe6516b8d0f010b295_JaffaCakes118

Files

194c717ade74eafe6516b8d0f010b295_JaffaCakes118
.dll windows:5 windows x86 arch:x86

62a0a679d4028229d25aa850a97e279d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

ksuser.pdb

Imports

ntdll

NtCreateFile
RtlNtStatusToDosError

kernel32

GetProcessHeap
HeapAlloc
HeapFree

Exports

Exports

KsCreateAllocator
KsCreateClock
KsCreatePin
KsCreateTopologyNode

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ