Static task
static1
General
Target: 4df258f250ad185b6f3209ecb2c822ef_JaffaCakes118
Size: 20KB
MD5: 4df258f250ad185b6f3209ecb2c822ef
SHA1: 3112f7f24d2e90c8ffbae09759028221d3ec5406
SHA256: 5f959ba28a2fb826d052bec3eac3e9b23b07802c5c9ae3de89e608e9e650a4e0
SHA512: 59de983d5b72e997c91a36667d82a47d2bba60a254ab9b9b3f332271a2f50abb2b760c8f99aaa84335d456e50f38bff724747a8a604f9c35cccac749bafd1c0b
SSDEEP: 48:ic6FNgAPndLQ+GLulVMcnjfFEE923PJiYecqJDGd6wHh0507UU/RP/:AgqndjGLulqcnpw3hVeJGd6+0501R
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4df258f250ad185b6f3209ecb2c822ef_JaffaCakes118
Files
4df258f250ad185b6f3209ecb2c822ef_JaffaCakes118.sys windows:5 windows x86 arch:x86
d9c9c4541168665f44917e3ddc4a00d5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
DbgPrint
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 100B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 96B - Virtual size: 68B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 96B - Virtual size: 74B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 96B - Virtual size: 96B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ