Static task
static1
General
Target: 64c9ab5b3b5ff8d89744dd2b8435eb58_JaffaCakes118
Size: 173KB
MD5: 64c9ab5b3b5ff8d89744dd2b8435eb58
SHA1: d92e4fac1efaea21f5b6ac0315cfb942df3c8d1f
SHA256: 4954bf129732887a83c6c2464bcb869b908bd1134170418ad97817a092e67da8
SHA512: 655ea49948bdf41533605df62177390b9a5ef42d335526548d1ea892b0477da418fbe2d20011d3a99bba5d15b32b80af32b37f6ada9d6382281a619c63685d55
SSDEEP: 3072:X4x5SJo/p+I9hASS7SSSSSSSSSSSlSSSSBYuSYNflErGN:on9lnASS7SSSSSSSSSSSlSSSS
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 64c9ab5b3b5ff8d89744dd2b8435eb58_JaffaCakes118
Files
64c9ab5b3b5ff8d89744dd2b8435eb58_JaffaCakes118.sys windows:5 windows x86 arch:x86
2df80650cc1853520a241690a4ebf486
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ndis.sys
NdisWaitEvent
ntoskrnl.exe
DbgBreakPointWithStatus
MmGetSystemRoutineAddress
Sections
.text Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 256B - Virtual size: 252B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE