Static task
static1
General
-
Target
3ec6b5a3eeef28385e40dc55c54b2f9e_JaffaCakes118
-
Size
80KB
-
MD5
3ec6b5a3eeef28385e40dc55c54b2f9e
-
SHA1
042a6ab208254140ba00c0e49bbf8a4e212360ce
-
SHA256
9eb52e693e5d91c58710b76d0c413837e2fb5e2e6842b782d356bbb26334c288
-
SHA512
62032ceb4b0ecdb5a183d73e168dd597888dea0208822b568b82a479839cc3d40235927ba3903999f87a01305734bc71856a176689e6e7bb683901a3049e4d53
-
SSDEEP
1536:2SBjQufFJYRSXmx0y8IUHkv1tk2nysc7IUtjFu3d9Y80y8dJ0Id5Jh9cyfqDEYUB:24QufFLaPNv1tbnuttjMxgThvSJUom
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3ec6b5a3eeef28385e40dc55c54b2f9e_JaffaCakes118
Files
-
3ec6b5a3eeef28385e40dc55c54b2f9e_JaffaCakes118.sys windows:5 windows x86 arch:x86
4d5ca666e333299d80e2e05c2afd96f3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
DbgPrint
ExAllocatePool
ExFreePool
Sections
.text Size: - Virtual size: 136KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 80KB - Virtual size: 84KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE