Static task
static1
General
-
Target
34fae8cd25dbd871613cc25b7e3a3209_JaffaCakes118
-
Size
94KB
-
MD5
34fae8cd25dbd871613cc25b7e3a3209
-
SHA1
d89c307dabedce2e07d5ca02b88af503fbc9c877
-
SHA256
365ee08d99f591ae70ade9715b2bb3fc4415c9e7d7b8bbddee4a796ebc74e79c
-
SHA512
329bd11d6ead8b6a9343c5d96c2e4e90708759385fc654a86f81aa6518885047b7629f90bd45be187959f9f4d385bca7896b96354988a717d9f33d4d024b13b5
-
SSDEEP
1536:9IbfGu91NQRtwKww46Aoljpap8V15zqhvADzNlbSLeMwXSF0sg8wf:ebfGi+Rtw5w46AshIhvAFlbSLeMdF0se
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 34fae8cd25dbd871613cc25b7e3a3209_JaffaCakes118
Files
-
34fae8cd25dbd871613cc25b7e3a3209_JaffaCakes118.sys windows:5 windows x86 arch:x86
578b7369e425a7a93edbc847ba0f3f59
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
swprintf
ExFreePool
RtlCompareUnicodeString
ExAllocatePoolWithTag
RtlImageDirectoryEntryToData
Sections
Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE