General

  • Target

    0b52246f5b0abed0dd92e04fdb6658d3_JaffaCakes118

  • Size

    1.0MB

  • MD5

    0b52246f5b0abed0dd92e04fdb6658d3

  • SHA1

    59170a61aee8cc12885cb18f58fed82025c3a22e

  • SHA256

    619e9ae64cc9de82dd35cb3469d413e8c78a57ec8021b8450b6ead15526562d7

  • SHA512

    6bfc02b346a35ac8645c297b613adaf62075cdc6eb3b2683553ca70bdb8c1341d587f87d6eb923ff3689f5375bc545c87425c63c0ead372832d92cb315fb0f15

  • SSDEEP

    24576:moOEGhqa3amU1eiq7shtTH+nGLHalqAt/HTrHuPTJasJsyg:ZboqaqmU18sLWGL1SHTrH2ta8sd

Score
3/10

Malware Config

Signatures

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • 0b52246f5b0abed0dd92e04fdb6658d3_JaffaCakes118
    .rar
  • Kernel Detective v1.4.1/DbgView.bat
  • Kernel Detective v1.4.1/Kernel Detective.exe
    .exe windows:5 windows x86 arch:x86

    4bcd53920522c3cdec5f87bcff7941a0


  • Kernel Detective v1.4.1/Plugins/CPP/KeDetective.h
  • Kernel Detective v1.4.1/Plugins/CPP/Script ext.txt
  • Kernel Detective v1.4.1/Plugins/CPP/example/diskio.kds
  • Kernel Detective v1.4.1/Plugins/CPP/example/hxdmp.kds
  • Kernel Detective v1.4.1/Plugins/CPP/example/scsi.kds
  • Kernel Detective v1.4.1/Plugins/CPP/include/_end_shared.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/_shared_lib.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/algorithm
  • Kernel Detective v1.4.1/Plugins/CPP/include/assert.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/cctype
  • Kernel Detective v1.4.1/Plugins/CPP/include/classlib.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/cmath
  • Kernel Detective v1.4.1/Plugins/CPP/include/cstdarg.txt
  • Kernel Detective v1.4.1/Plugins/CPP/include/cstdio
  • Kernel Detective v1.4.1/Plugins/CPP/include/cstdlib
  • Kernel Detective v1.4.1/Plugins/CPP/include/cstring
  • Kernel Detective v1.4.1/Plugins/CPP/include/for_each.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/foreach2.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/fstream
  • Kernel Detective v1.4.1/Plugins/CPP/include/fstream.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/glib.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/header.cpp
  • Kernel Detective v1.4.1/Plugins/CPP/include/io.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/iostream
  • Kernel Detective v1.4.1/Plugins/CPP/include/iostream.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/list
  • Kernel Detective v1.4.1/Plugins/CPP/include/list.new
  • Kernel Detective v1.4.1/Plugins/CPP/include/listx
  • Kernel Detective v1.4.1/Plugins/CPP/include/malloc.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/map
  • Kernel Detective v1.4.1/Plugins/CPP/include/math.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/new-stdlib.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/old-string
  • Kernel Detective v1.4.1/Plugins/CPP/include/regexp.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/rx++.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/self.imp
  • Kernel Detective v1.4.1/Plugins/CPP/include/sstream
  • Kernel Detective v1.4.1/Plugins/CPP/include/stdarg.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/stddef.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/stdio.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/stdlib.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/string
  • Kernel Detective v1.4.1/Plugins/CPP/include/string.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/strstrea.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/strstream.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/test-stdarg.uc
  • Kernel Detective v1.4.1/Plugins/CPP/include/time.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/turtle.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/uc_except.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/uc_save.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/uc_timer.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/ucri.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/ucri/persist.h
    .js
  • Kernel Detective v1.4.1/Plugins/CPP/include/ucri/profile.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/ucri/refs.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/ucri/trace.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/ucri/utils.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/vector
  • Kernel Detective v1.4.1/Plugins/CPP/include/winbase.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/windows.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/wininet.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/winuser.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/xgdk/gdk.h
  • Kernel Detective v1.4.1/Plugins/CPP/include/yawl.h
  • Kernel Detective v1.4.1/Plugins/CPP/lib/extract.awk
  • Kernel Detective v1.4.1/Plugins/CPP/lib/rx.dll
    .dll windows:4 windows x86 arch:x86

    3c61d856560a34b2d94cc528cc6f9c14


  • Kernel Detective v1.4.1/Plugins/CPP/lib/rx.lib
  • Kernel Detective v1.4.1/Plugins/CPP/lib/string_imp.dll
    .dll windows:4 windows x86 arch:x86

    0e9a94e5049f66c8110d6f1ac35bd709


  • Kernel Detective v1.4.1/Plugins/CPP/ucc12.dll
    .dll windows:4 windows x86 arch:x86

    fd9edacf655544d91c52702fd1b8b0c9


  • Kernel Detective v1.4.1/Plugins/KScript.kdp
    .dll windows:5 windows x86 arch:x86

    d669217947123a32503483cd95779612


  • Kernel Detective v1.4.1/Plugins/Null.rar
    .rar
  • Null/Kdp.h
  • Null/Null.cpp
  • Null/Null.def
  • Null/Null.vcproj
    .xml
  • Kernel Detective v1.4.1/Readme.txt
  • Kernel Detective v1.4.1/dbghelp.dll
    .dll windows:6 windows x86 arch:x86

    fa6b094f828920cf8999743ff0004319


    Code Sign
