bcbbd658d4a252496b8c0cfc23ff1d1a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bcbbd658d4a252496b8c0cfc23ff1d1a_JaffaCakes118
Size

23KB
MD5

bcbbd658d4a252496b8c0cfc23ff1d1a
SHA1

ffa29f8193961b2bbc2986277d4e976e0f7a1547
SHA256

2e2fefdafb95111ad2c7efb7b89f11ca6c5af0d0fbd9a0fb79b66317962ff88c
SHA512

c2da5ffeca926e97166cc5b0bc3d2318225fbe54d50926b2f7f8a36606e0831bdf9dd66ab401dd49f47866464ef03a36a925a1a3d1cb109c1fbd3fbd43a73c76
SSDEEP

384:EGQHF6JaGVhT+aSHBR6WWWtkFUOIU+hnuoDX/jg120:EGQlSzSHuW9crqX0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bcbbd658d4a252496b8c0cfc23ff1d1a_JaffaCakes118

Files

bcbbd658d4a252496b8c0cfc23ff1d1a_JaffaCakes118
.sys windows:5 windows x86 arch:x86

255166120636f8d841ad5ab089a6b65b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

MmGetSystemRoutineAddress
RtlInitUnicodeString
ExAllocatePoolWithTag
ExFreePoolWithTag

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 256B - Virtual size: 170B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ