Static task
static1
General
-
Target
462e5b512dda01b1106a6ca836c31c27_JaffaCakes118
-
Size
29KB
-
MD5
462e5b512dda01b1106a6ca836c31c27
-
SHA1
e146c526061322ecb2e4d43226d139337c0c4f9b
-
SHA256
7e70e373f66cd5fae9f7b7987ed91ef133d73f8fff8a7d6c8cae8571b4330aed
-
SHA512
4ecb729cd58cb35784b329c32c9bff013c8eed60250c87ed588c062d6d964b46d9563db490be829df2bc75f49bd1c29e3ef3ebd4198ff04de884853433d428cf
-
SSDEEP
384:cEftkKY5UNTohlqg0Y4FbixawMYkmHHgKFw8N+Pyyb6wW+dcoMNJNdh8HyMJRb4X:FtlNshlD0Y4FR5w+Pn6wW+wrsiJ2EB
Malware Config
Signatures
-
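Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; the check matched the resource listed below, so the file carries no signature. Taken alone this is a weak indicator, since many benign binaries are also unsigned.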
resource 462e5b512dda01b1106a6ca836c31c27_JaffaCakes118
Files
-
462e5b512dda01b1106a6ca836c31c27_JaffaCakes118.sys windows:4 windows x86 arch:x86
caed740047327835987440169debea21
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
PsGetCurrentProcessId
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 32B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 64B - Virtual size: 35B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 96B - Virtual size: 86B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 64B - Virtual size: 46B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ