Static task
static1
General
Target
5b49808c31e515589ceaef264026c516_JaffaCakes118
Size
20KB
MD5
5b49808c31e515589ceaef264026c516
SHA1
f67ce16d7ff68f105c4ab7509fd82a1b70239631
SHA256
7f92c189d2fe8d985a050eadbcc7b0e2f3f5cb661b46709d3e21fd8803911ddf
SHA512
ffbdbfb09d9060328a14f842a99804ba3f2d5cd264ff9e3ea34e7250a4cd2b3d0776715a8c628a593737e08725a3832667780bcc272d777c5bb952c346b03423
SSDEEP
48:icQY8iXzndzfMcnzNEE9O4iYXZTQJDRY6wqh08O+z0pvqCpGHKmN:sY9Xzn6cnJU4VdK26z08fwRqCpGq0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5b49808c31e515589ceaef264026c516_JaffaCakes118
Files
5b49808c31e515589ceaef264026c516_JaffaCakes118.sys windows:5 windows x86 arch:x86
d9c9c4541168665f44917e3ddc4a00d5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
DbgPrint
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 100B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 96B - Virtual size: 65B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 96B - Virtual size: 74B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 96B - Virtual size: 86B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ