Static task
static1
General
Target: 6f366aff9ebbabd4d2e4b119c3a4f427_JaffaCakes118
Size: 10KB
MD5: 6f366aff9ebbabd4d2e4b119c3a4f427
SHA1: 9dbbc91759c34afcce6780d16aea09043738a0c1
SHA256: 1a64a71679ab36f6d312d98885a910174653e3a8c9509be61c8ee85672c72398
SHA512: a72db80e7f33b3c526ba0cae747a342f58d26baec6900882333c8982af8ef51dc66832ef0bbcf54af1d83fcd0735b5e66dd6f506ecbd33f7fccee12259120770
SSDEEP: 192:Qm0QRMcDSlViZ7rqKDi6c7VG54iWDiI1Wp+HowWIEEOiQxE3xK3gcrgF:aQRMcO27OAcA5+DiIZowWRkQykgc0F
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6f366aff9ebbabd4d2e4b119c3a4f427_JaffaCakes118
Files
6f366aff9ebbabd4d2e4b119c3a4f427_JaffaCakes118.sys windows:4 windows x86 arch:x86
84af902e38e6201757edc31997965389
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ZwDeleteKey
ZwOpenFile
MmGetSystemRoutineAddress
hal
HalDisplayString
KeRaiseIrql
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ