Static task
static1
General
-
Target
47467aa65b7a56a66959a2e85fcc641e_JaffaCakes118
-
Size
2KB
-
MD5
47467aa65b7a56a66959a2e85fcc641e
-
SHA1
48f6117942da4d1e8d7a997294410f8d6b6724b1
-
SHA256
27bdd32af34b66fc39b5505d94b0401ec3d8cc20546fdd49c9d1a8896b0f87b9
-
SHA512
99db6f66046f44f6041512672c9617cfb403e85465d0a96fb464efacc0f17f9fd63c723d603805fa07a8d103e00f662be0dbc371d776ae61a26cd274811b0019
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 47467aa65b7a56a66959a2e85fcc641e_JaffaCakes118
Files
-
47467aa65b7a56a66959a2e85fcc641e_JaffaCakes118.sys windows:5 windows x86 arch:x86
3a1fe1a6c0f5e200602f093f681d9c1f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ZwDeviceIoControlFile
IofCompleteRequest
KeServiceDescriptorTable
Sections
.text Size: 768B - Virtual size: 657B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 256B - Virtual size: 144B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 40B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ