42781dde99d8521a497649e9abd5048f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

42781dde99d8521a497649e9abd5048f_JaffaCakes118
Size

73KB
MD5

42781dde99d8521a497649e9abd5048f
SHA1

7b099db30e91db510257fb79c9f6148ec080ab79
SHA256

805657f9c3f9b3fc02f92614bd3c99e7fec4ad075b18a1df0a3a1444a006101a
SHA512

c7a8eaa2d766200df0d686d9665a26305c41ccb97652a7c90d4f5f614487085946cd45ed2c48b860ee1c6be3c274bfac9a622d4f5e8df6e0f16d5a4398f24d61
SSDEEP

768:yKLBEIaoaL3fzX5Xd4Beo1M2dLYd5H5ffn+Ps0tZDth3aMXu6QuOlyFomYa6Iwol:1EIZIVtWYfFAHeYOl9mv6CwRs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42781dde99d8521a497649e9abd5048f_JaffaCakes118

Files

42781dde99d8521a497649e9abd5048f_JaffaCakes118
.dll windows:5 windows x86 arch:x86

d367ae22de22a296e8a00d00fc29574c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\kaPstTDezoVL\KgpeyDJ\ksTUbcdB\TrbsmquscSnuyy.pdb

Imports

ntoskrnl.exe

ExDeletePagedLookasideList
RtlUnicodeStringToInteger
MmBuildMdlForNonPagedPool
MmAllocateContiguousMemory
IoSetShareAccess
RtlInitAnsiString
IoFreeController
RtlFindLeastSignificantBit
PsIsThreadTerminating
IoAllocateIrp
MmSizeOfMdl
RtlCreateSecurityDescriptor
ExSystemTimeToLocalTime
ExVerifySuite
PsTerminateSystemThread
ExLocalTimeToSystemTime
ZwFlushKey

Sections

.text
Size: 46KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.i_txt
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.e_txt
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tele3
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tele1
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tele2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tele4
Size: 1024B - Virtual size: 597B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d367ae22de22a296e8a00d00fc29574c

Headers

File Characteristics

PDB Paths

Imports

ntoskrnl.exe

Sections

.text Size: 46KB - Virtual size: 50KB

.i_txt Size: 512B - Virtual size: 72B

.e_txt Size: 512B - Virtual size: 512B

.tele3 Size: 512B - Virtual size: 28B

.tele1 Size: 512B - Virtual size: 44B

.tele2 Size: 512B - Virtual size: 44B

.tele4 Size: 1024B - Virtual size: 597B

.data Size: 13KB - Virtual size: 35KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 692B

.text
Size: 46KB - Virtual size: 50KB

.i_txt
Size: 512B - Virtual size: 72B

.e_txt
Size: 512B - Virtual size: 512B

.tele3
Size: 512B - Virtual size: 28B

.tele1
Size: 512B - Virtual size: 44B

.tele2
Size: 512B - Virtual size: 44B

.tele4
Size: 1024B - Virtual size: 597B

.data
Size: 13KB - Virtual size: 35KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 692B