2e5b6cc2c5df525731fb549c989484d3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e5b6cc2c5df525731fb549c989484d3_JaffaCakes118
Size

35KB
MD5

2e5b6cc2c5df525731fb549c989484d3
SHA1

32c4ea504836c3d81ce7607c36fdbeb114a88639
SHA256

a4ed2a8bdd34a8baf6a9963442a5cbe349b8ba2867afe5ce0bfbf938d1c85273
SHA512

71cd286e6246d44a18c2454d2e529bb6901450002e023b11160fe6b82886a64b8234a7c810ff99b952cef0a495a526bac5e300caa6271d9c4e869aa3b1e7c457
SSDEEP

768:l9sjolecluxL/bs7BgkYqX83DD2SNABgWGNldrb5pJWS:4jodluxL/bs7ak8TlN7rjdF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e5b6cc2c5df525731fb549c989484d3_JaffaCakes118

Files

2e5b6cc2c5df525731fb549c989484d3_JaffaCakes118
.sys windows:4 windows x86 arch:x86

303bbc026869bdbf03193b6bae33bcda

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

CcFlushCache
MmGetSystemRoutineAddress

ndis.sys

NdisSetTimer

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE