Static task
static1
General
Target
219dc4562df7364f7f5bd3f158696676_JaffaCakes118
Size
8KB
MD5
219dc4562df7364f7f5bd3f158696676
SHA1
5ac7200f52946e11e0c77beb535f05b27fd03e37
SHA256
b990840b32a037948d028b2ec5fb6fd1c9475a3224156b6fb220780c9c227cd6
SHA512
71a51200091cc8666feeb75964adecfbdc78aab99ebb84e42d559f62c9bdcd7193c0b51265b4dc2e0381c928f032745ffc812123f7dd036c411a46563e78bb41
SSDEEP
192:Fa15MgXmkTgp8rk/OzSFSSX5odmBiXBL7W2kTOx8kusrmcptU:FuGN8kO6umBQjmqe
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 219dc4562df7364f7f5bd3f158696676_JaffaCakes118
Files
219dc4562df7364f7f5bd3f158696676_JaffaCakes118.sys windows:4 windows x86 arch:x86
fb73ac73ebbba62feec09dec2e65aa72
Headers
File Characteristics
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
  ndis.sys
    NdisGetSystemUpTime
    NdisRegisterProtocol
  ntoskrnl.exe
    MmBuildMdlForNonPagedPool
Sections
  .text Size: 2KB - Virtual size: 2KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .rdata Size: 176B - Virtual size: 164B
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .data Size: 3KB - Virtual size: 3KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  INIT Size: 400B - Virtual size: 386B
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_DISCARDABLE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .reloc Size: 704B - Virtual size: 694B
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_DISCARDABLE
    IMAGE_SCN_MEM_READ