Static task
static1
General
-
Target
18a4fa3b0326618b462f81e7f5ee2b4c_JaffaCakes118
-
Size
75KB
-
MD5
18a4fa3b0326618b462f81e7f5ee2b4c
-
SHA1
b2d2694e4e5d6c9743d3cd8ffe82db82b4b80114
-
SHA256
9b9018f6f47e2d2c5f2479720374b754103dc4d2b97c55f2567a0d84a2a7d51f
-
SHA512
fe5a3c0eb1131d0fdf651f00bfac53bd1fc3ea0f966bee77246581e057230c8e9674329f01e13079ba815febbc58e86e73164358531398a834717f27b8f7a177
-
SSDEEP
1536:2nww2H/JZpkuOGttLLkj3jB5z6WUPlHiR0KFHcxcPSiKUAONi:IP2GupbLLQX6WUi0ucaSiKZ4
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 18a4fa3b0326618b462f81e7f5ee2b4c_JaffaCakes118
Files
-
18a4fa3b0326618b462f81e7f5ee2b4c_JaffaCakes118.sys windows:6 windows x86 arch:x86
cec1f61e1df07fde0c686004d4b87763
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
IofCompleteRequest
MmGetSystemRoutineAddress
Sections
.text Size: - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: - Virtual size: 260B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: - Virtual size: 404B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.fail0 Size: - Virtual size: 146B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.fail1 Size: - Virtual size: 53KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.fail2 Size: 73KB - Virtual size: 73KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 100B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ