Static task
static1
General
-
Target
765d7d3beb514dc2883fa0bc64041a28_JaffaCakes118
-
Size
75KB
-
MD5
765d7d3beb514dc2883fa0bc64041a28
-
SHA1
d5bcfc9d9d94e22cde930e6962e90a6e52c4cc16
-
SHA256
0742a87cce563a798c99c2fd390aedccf30e830e9eb6af53056d6f9054c60340
-
SHA512
95835f81bf168d056436b608b3a31a3dd2a273f2c1a8e236bc1a0ec588e941b640b47c97510a1cc9edf99430ab7c411a37c9ef7db5aa33af2812ed26ea26ee93
-
SSDEEP
1536:ryoZ3c8zgUloJPh7iVaNzyADzvgNpah1widTfqEwhR0XPUz0WsqEf:ryoZ3cmto+KyAngNpah1witjcjCq0
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 765d7d3beb514dc2883fa0bc64041a28_JaffaCakes118
Files
-
765d7d3beb514dc2883fa0bc64041a28_JaffaCakes118.sys windows:5 windows x86 arch:x86
578b7369e425a7a93edbc847ba0f3f59
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
swprintf
ExFreePool
RtlCompareUnicodeString
ExAllocatePoolWithTag
RtlImageDirectoryEntryToData
Sections
Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE