Static task
static1
General
Target
4336f530d3e814935f7ce7bc68aee0a7_JaffaCakes118
Size
14KB
MD5
4336f530d3e814935f7ce7bc68aee0a7
SHA1
4a0a61f415d3f32d61113d07f0a087f846b4c144
SHA256
265f35965ebce3236eec83d62ff94112d09afccf0783cbf96e6de79077660f5f
SHA512
db96183211efecf887e10a8b6553c407ce558c2f78c03b61a34c9c21e894ab759f4777628f0f71c40236adbd0b415d4f626a1b70c0ddcb327be2acc40bec5184
SSDEEP
384:31Fbz7z9m8uRFEcwPv2s52zpz3A0JKQ/m:3rbz7z9m8uRFSMp3BsQ
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; the resource listed below has none.
resource 4336f530d3e814935f7ce7bc68aee0a7_JaffaCakes118
Files
4336f530d3e814935f7ce7bc68aee0a7_JaffaCakes118.sys windows:4 windows x86 arch:x86
Import hash (imphash): 2df80650cc1853520a241690a4ebf486
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ndis.sys
NdisWaitEvent
ntoskrnl.exe
DbgBreakPointWithStatus
MmGetSystemRoutineAddress
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 192B - Virtual size: 173B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 960B - Virtual size: 956B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE