Static task
static1
General
-
Target
270ecfec6fd5d9516009426a13431279_JaffaCakes118
-
Size
21KB
-
MD5
270ecfec6fd5d9516009426a13431279
-
SHA1
33ed90e8e10c3fce7e5816ed5966e6ea03148523
-
SHA256
09ca25e1bafc7dbed02a4bf1593c9c9d3e521728e404232a9afa9fea4716bc1c
-
SHA512
5e5d7acbf45b9cbdac546cc44977bd978a9363c618db34553c34b815609a45ba4c9b05d8e2ec9a03f1b269162887817512e1462ffa4b4441c20c4a5f31441701
-
SSDEEP
384:1nC9o5C6sqFWmJQmhQ1V03Ue/CyugTsJQEqS3qSCg6NpIXwpZsS:1yo5CUFpJQmOa3Ue/jBYJQz7g6NpKgZ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 270ecfec6fd5d9516009426a13431279_JaffaCakes118
Files
-
270ecfec6fd5d9516009426a13431279_JaffaCakes118.sys windows:5 windows x86 arch:x86
6bb11f1599a1ffbabaf4622053c97890
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ExAllocatePoolWithTag
RtlInitUnicodeString
ExFreePoolWithTag
MmGetSystemRoutineAddress
ExRaiseStatus
_except_handler3
Sections
.text Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 214B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 256B - Virtual size: 204B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ