Static task
static1
General
Target
39da744768621fcbe7df0c79eb06ea76_JaffaCakes118
Size
40KB
MD5
39da744768621fcbe7df0c79eb06ea76
SHA1
0ceab9298f2d60963b0f4b3ead76fd4f8dd2806b
SHA256
77d3b1309c3e8fc056c82dc67580bbceca4b647b332e7ef80696a3665a283dda
SHA512
abe4734f01e1289004164431d0c5b0e17e7b9398c0ffbaeade03e8b7fceb3e1a516b37b176c30ba9895d1ccb7fefa438d07775be00f4150aa3621527430bcd9f
SSDEEP
768:QRXB1DgdTx4aQGe8k40ftZV8Z9kg3lssRdKE9c:M1DgdTx4aQKkZLAe4s4hc
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 39da744768621fcbe7df0c79eb06ea76_JaffaCakes118
Files
39da744768621fcbe7df0c79eb06ea76_JaffaCakes118.sys windows:5 windows x86 arch:x86
3b2e4ebb4cd4e792dc2a5a80039eadfe
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
RtlInitUnicodeString
IoGetCurrentProcess
IoFreeIrp
ExAllocatePoolWithTag
_strnicmp
MmGetSystemRoutineAddress
Sections
.text Size: 37KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 28B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 202B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 30B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ