Static task
static1
General
Target
4b8061c6183c1e946760205a67bf8069_JaffaCakes118
Size
22KB
MD5
4b8061c6183c1e946760205a67bf8069
SHA1
c3d92577910afd42cd15e1e2ab12e1184e687fc8
SHA256
66cd625bc5b5b930764769339eb534218101ead3969576442f0edaeb863fa0f8
SHA512
6cbd33a2c1c784987f1c0e0ad2c34e1c40c4c7afdd69a583db4a2fbf715647d4b535f09d362f342c0b84f0afe55af0cc8bf4e185017601c1a061aeadb938dd82
SSDEEP
384:AnC9o5C6sqFWmJQmhQ1V03Ue/CyugTsJQEqS3qSCg6NpImwpkOTZu:Ayo5CUFpJQmOa3Ue/jBYJQz7g6NpjgXQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4b8061c6183c1e946760205a67bf8069_JaffaCakes118
Files
4b8061c6183c1e946760205a67bf8069_JaffaCakes118.sys windows:5 windows x86 arch:x86
6bb11f1599a1ffbabaf4622053c97890
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ExAllocatePoolWithTag
RtlInitUnicodeString
ExFreePoolWithTag
MmGetSystemRoutineAddress
ExRaiseStatus
_except_handler3
Sections
.text Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 214B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 256B - Virtual size: 204B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ