Static task
static1
General
-
Target
188fe9ff8fc0da5539518c23a3b4178a_JaffaCakes118
-
Size
30KB
-
MD5
188fe9ff8fc0da5539518c23a3b4178a
-
SHA1
d60ae6e0762adfecb2ee87b48e2e8d6b754a5fa9
-
SHA256
b0680458b337d859b8a113bcc9e19af5ca27044158e8d03725e266c25967e48d
-
SHA512
127fb51516b3f54217a71171e975494be16fadbbc4a4220661bc6278c888120aeee57eb371637e8ace84fe7c9076c105a34d93d2ec81c5a2fa7f6779b7a20f80
-
SSDEEP
768:3LtlNQjDp8TunnnvBjYwbinqMjT7zOrunxa5zjXHZCmMnnnnnnnunPb2+:b1Qjx8DPjbfaBZt2+
Malware Config
Signatures
-
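Unsigned PE (1 IoC)
Flags a PE file that has no Authenticode signature. A missing signature is a weak indicator on its own, since many legitimate binaries are unsigned; weigh it together with the other findings for this sample.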
resource 188fe9ff8fc0da5539518c23a3b4178a_JaffaCakes118
Files
-
188fe9ff8fc0da5539518c23a3b4178a_JaffaCakes118.sys windows:4 windows x86 arch:x86
caed740047327835987440169debea21
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
PsGetCurrentProcessId
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 32B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 64B - Virtual size: 35B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 96B - Virtual size: 86B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 64B - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ