Static task
static1
General
-
Target
70a12ad4374477597c4ff0cc7f6ed9b8_JaffaCakes118
-
Size
80KB
-
MD5
70a12ad4374477597c4ff0cc7f6ed9b8
-
SHA1
077751f209fe0de79dba663d41f19420b7895ed7
-
SHA256
7f684a13d44d869df2fbe999ccd0bc5cb7759b2f0d7db77bb9ac17a2a9e65348
-
SHA512
18fe26139e8693f29e0e9b9e9266b40dceb98cc55161674133baf6208ea6db3cbc292bff79821dda7c7016d63e38cd85273c9735a03bd6f81a9fc355c54dc59d
-
SSDEEP
1536:oSBjQufFJYRSXmx0y8IUHkv1tk2nysc7IUtjFu3d9Y80y8dJ0Id5Jh9cyfQDEYUB:o4QufFLaPNv1tbnuttjMxgThvIJUom
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 70a12ad4374477597c4ff0cc7f6ed9b8_JaffaCakes118
Files
-
70a12ad4374477597c4ff0cc7f6ed9b8_JaffaCakes118.sys windows:5 windows x86 arch:x86
4d5ca666e333299d80e2e05c2afd96f3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
DbgPrint
ExAllocatePool
ExFreePool
Sections
.text Size: - Virtual size: 136KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 80KB - Virtual size: 84KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE