2e6e2a8a2c79333ab4347a247dc04dab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e6e2a8a2c79333ab4347a247dc04dab_JaffaCakes118
Size

22KB
MD5

2e6e2a8a2c79333ab4347a247dc04dab
SHA1

77a8c152c5707bbfd002719a279701fcebd0fc25
SHA256

f303f0a4aa63dbad5de53f1929f68ec360ecf0afde1b58f488e0c3f1282d9e84
SHA512

481c3a70586d5097831bcf86ead2d204311fe9b39f20e26457c03ae4b49c02a45e5d85933ddbf421b1333784a37e6a283d2094ae5584791c4bd0584446fa1376
SSDEEP

384:cx/7HNkXWG07PRI008kX3klIRWq6zWT24m7gVeI1dRAkI+vo3v1ypphjr:cdHNkXW4o43klIm624m7g0I1jC+Av1y1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e6e2a8a2c79333ab4347a247dc04dab_JaffaCakes118

Files

2e6e2a8a2c79333ab4347a247dc04dab_JaffaCakes118
.sys windows:5 windows x86 arch:x86

5a800c60d8fb35aee3ab7cd095d00d64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

MmProtectMdlSystemAddress
IoAllocateMdl
RtlInitUnicodeString
wcschr
MmGetSystemRoutineAddress
ExAllocatePoolWithTag

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 256B - Virtual size: 209B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 26B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ