Static task
static1
General
Target: 3c96030a0ab1c6b3c68d4dde3f189078_JaffaCakes118
Size: 75KB
MD5: 3c96030a0ab1c6b3c68d4dde3f189078
SHA1: b2daddf2e6dedbd0d3f9e67b86afae0002285fb4
SHA256: dbde30a9a1d44b36fe223e2b6d0f2cc1a1663c17b17a492ea7b4543ed878f4d6
SHA512: ddd456cbaa15feb16d9ae8f23bdfa2cad10c0bef2f493d3ee9faae4a09afa348e2f37f9685a3561e225c4769875967a77c3ed0c23697e303f297f2c4a7914cd3
SSDEEP: 1536:AJnug5MjdOcfDs5KL/Eqn54Aqju0A492sTBB76rto4Zz+L:EuwcfwAL/Ed9n6rCe+L
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3c96030a0ab1c6b3c68d4dde3f189078_JaffaCakes118
Files
3c96030a0ab1c6b3c68d4dde3f189078_JaffaCakes118.sys windows:5 windows x86 arch:x86
4d5ca666e333299d80e2e05c2afd96f3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
DbgPrint
ExAllocatePool
ExFreePool
Sections
.fengyue Size: - Virtual size: 132KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.packed Size: 75KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE