3a026101dc40205b7df43901d1222075_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a026101dc40205b7df43901d1222075_JaffaCakes118
Size

72KB
MD5

3a026101dc40205b7df43901d1222075
SHA1

7d7c195fa998fff12315083149706a78f90b11f4
SHA256

1bd4a5201fff03959d42096882530d32afa4d8916d62fc6200d12226f2cf888c
SHA512

8f89818499fd63059313a2995181a7310766f03d01a516af68e2a2244b83f3a7b8f7531abc53dc7d40c1c866b8e53163e18e70a4de11d84e1fa98faf95e78bf7
SSDEEP

1536:EygvwhtQQ9Iyxsz9p36vRj4o/dOxXd0mCD3Z8i628Qr0Uv9:p4whqQ9If6vRR/6qxZL628Qr0y9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a026101dc40205b7df43901d1222075_JaffaCakes118

Files

3a026101dc40205b7df43901d1222075_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f5039e0ee5d62e7f73d8018d9ac1e1bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntoskrnl.exe

KeDcacheFlushCount
FsRtlUninitializeFileLock
IoCheckDesiredAccess
RtlIsGenericTableEmpty
CcSetLogHandleForFile

Sections

.data
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 198B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ