Static task
static1
General
Target: 4cf0bc1972c62ecef41294558df2e59f_JaffaCakes118
Size: 22KB
MD5: 4cf0bc1972c62ecef41294558df2e59f
SHA1: 711cf0089d0b6e03daaaa1ec3845183da5519c26
SHA256: f1bced6afc9d8e30342603ad8173a6af1a5ec7a11b0e3ae2a514c042d5ffd4f1
SHA512: 3bcfd98e29340c6ffeaff9991596aae61c8e998fa697e3b628f2627e8257d482f33aac8df8b121c4097673c88c571cbdcc748483d0d7a3f113940180801f8d55
SSDEEP: 384:2PUeXIlogyMxMjG2+XLsv7BQvdtoIWy3rfrXTS/SG3nmk7i:2z7MKGbiMLoIWy3Db+/LT
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 4cf0bc1972c62ecef41294558df2e59f_JaffaCakes118
Files
4cf0bc1972c62ecef41294558df2e59f_JaffaCakes118.sys windows:5 windows x86 arch:x86
255166120636f8d841ad5ab089a6b65b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
MmGetSystemRoutineAddress
RtlInitUnicodeString
ExAllocatePoolWithTag
ExFreePoolWithTag
Sections
.text Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 20B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 170B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 30B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ