C:\sys.pdb
Static task
static1
General
Target: dfb25765225830cafa443c6ee54df7ef_JaffaCakes118
Size: 12KB
MD5: dfb25765225830cafa443c6ee54df7ef
SHA1: 191f3bad1806688c73e85829cc252c8198393f31
SHA256: 1b7b6d07d3136a0ca1b8f4b19bfcab80761dc28d598c535412dd32fe30cee60d
SHA512: 6a167ff1dc7037aa0985654e223a998c69748ccda9e2c3240bdbfc5a0ca5a23e3eb826005f4e925ab73cae4089ce0e411d2ed42cce86c0224ee470c775cf2a6f
SSDEEP: 192:rJvDnCTjTpEzFLeRfjkPfdGkUy7WZB3ODPT:rFDCTjKeRfjsfSrZB3C
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dfb25765225830cafa443c6ee54df7ef_JaffaCakes118
Files
dfb25765225830cafa443c6ee54df7ef_JaffaCakes118.sys windows:5 windows x86 arch:x86
3b500d8ce0a0f17cd814c61cc451eed3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 496B - Virtual size: 484B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 864B - Virtual size: 852B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 672B - Virtual size: 660B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ