Static task
static1
General
-
Target
3dca27b10279b3dad556651eb5705001_JaffaCakes118
-
Size
42KB
-
MD5
3dca27b10279b3dad556651eb5705001
-
SHA1
3f25974588867baef563b602b3512dfefa0c74bc
-
SHA256
f983e9cb18d6009545b3ea9e12a212947ce0c3b4cc78553b6304f621dc6882f2
-
SHA512
323bbd31141e2a5ed4ac0f1b22c3d416aa648f6edb2e9e8a35633e8302c97ad2349032901b22efa8d8b5185836308ff1cf1f3070c0a688f72f543efd0939891a
-
SSDEEP
192:hWAogxZLVGcXui6R9y4XrT6GbZNCMnqzUoBBaDjLZ956IQP8iM7+9WK77x6HjYp9:I3KLH6CMv6GNNhq9BQDjT52Z4D2FUud
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3dca27b10279b3dad556651eb5705001_JaffaCakes118
Files
-
3dca27b10279b3dad556651eb5705001_JaffaCakes118.sys windows:4 windows x86 arch:x86
50173fecdfa3e6b91c6f144666057f2d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
CcSetAdditionalCacheAttributes
Sections
.text Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 128B - Virtual size: 128B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 128B - Virtual size: 128B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 32B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ