44619953cff89d381d852528efda637b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44619953cff89d381d852528efda637b_JaffaCakes118
Size

12KB
MD5

44619953cff89d381d852528efda637b
SHA1

f151c1bba400ad5e4e0dce0916fce58af7e661b9
SHA256

140496598956c301de54c8e0361443680f4868d24ad490ab00164fe1262ad09a
SHA512

c0187b2e27db0a9d0b61606b780a439c24d121683359f50ddc01e3abcf07b4f5b6f3345ebe6e42f02da513468173a6c874285aadae8f876a794711294007363e
SSDEEP

96:+koEznjC2LvDS3MxfSkgme7sZs8cn2W/pxKmS64wC0sygXbw1o++AB0ZO7i:+koEznj3ve8Z9gmeQ2De/64wZsy8ZH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44619953cff89d381d852528efda637b_JaffaCakes118

Files

44619953cff89d381d852528efda637b_JaffaCakes118
.sys windows:5 windows x86 arch:x86

d9c9c4541168665f44917e3ddc4a00d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

DbgPrint

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 96B - Virtual size: 66B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 96B - Virtual size: 74B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 192B - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ