daf42e960aeab0347d5c90fff6ad7842_JaffaCakes118

General

Target

daf42e960aeab0347d5c90fff6ad7842_JaffaCakes118
Size

25KB
MD5

daf42e960aeab0347d5c90fff6ad7842
SHA1

3d7c8295bdb5fbec4dc004092e708d0af8b227ee
SHA256

e6ef0ca5603331c6a1769f049d03aa48647399c68a2855bd5fb7fc110b818980
SHA512

02037721a2469e48deb40b0af6ce50576ec97c96d4add20230d361b07b8218d5f586c7d96bcfcdac046d919064fb5b01002bc8e2fba733977d05b25b155ecfab
SSDEEP

384:YcFrMvfBmZtgLjQjO9TnlycIBwHLBJBlKNYXferlmtJySIJt0V20:YcSBJfYEtIMKQWR1SIYV20

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
daf42e960aeab0347d5c90fff6ad7842_JaffaCakes118

Files

daf42e960aeab0347d5c90fff6ad7842_JaffaCakes118
.exe windows:5 windows x86 arch:x86

251ecc6d75e87de6baf9ee8ec7a994e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

�t

READ_PORT_ULONG
WRITE_PORT_USHORT
KeStallExecutionProcessor
READ_PORT_UCHAR
WRITE_PORT_ULONG
WRITE_PORT_UCHAR
READ_PORT_USHORT

ndis.sys

NdisMRegisterMiniport
�6-
NdisAllocatePacketPool
NdisTerminateWrapper
NdisAllocateBufferPool
NdisMAllocateMapRegisters
NdisQueryMapRegisterCount
NdisMFreeSharedMemory
NdisMAllocateSharedMemory
NdisAllocatePacket
NdisAllocateBuffer
NdisFreeBufferPool
NdisFreePacketPool
NdisMFreeMapRegisters
NdisFreeBuffer
NdisFreePacket
NdisMInitializeTimer
NdisMRegisterAdapterShutdownHandler
NdisMRegisterInterrupt
NdisMRegisterIoPortRange
NdisMSetAttributesEx
NdisWriteErrorLogEntry
NdisAllocateMemoryWithTag
NdisCloseConfiguration
NdisReadNetworkAddress
NdisReadConfiguration
NdisOpenConfiguration
NdisMQueryAdapterResources
NdisReadPciSlotInformation
NdisWritePciSlotInformation
NdisFreeMemory
NdisMDeregisterIoPortRange
NdisMDeregisterInterrupt
NdisMDeregisterAdapterShutdownHandler
NdisMCancelTimer
NdisSetTimer
NdisAdjustBufferLength
NdisMCompleteBufferPhysicalMapping
NdisMStartBufferPhysicalMapping
NDIS_BUFFER_TO_SPAN_PAGES
NdisQueryBufferOffset
NdisQueryBuffer

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 544B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

251ecc6d75e87de6baf9ee8ec7a994e6

Headers

File Characteristics

Imports

�t

ndis.sys

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 544B - Virtual size: 544B

PAGE Size: 4KB - Virtual size: 4KB

INIT Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 544B - Virtual size: 544B

PAGE
Size: 4KB - Virtual size: 4KB

INIT
Size: 1KB - Virtual size: 1KB