Static task
static1
General
-
Target
a33c302c6b8584e0ffc2ec04b878a0fd_JaffaCakes118
-
Size
43KB
-
MD5
a33c302c6b8584e0ffc2ec04b878a0fd
-
SHA1
b557c1bb4846c202830a5437450c9bf9add0d06c
-
SHA256
1a131d5ed336f3217c713b703cb3830a197724d7db158e89c380f51d958f13cc
-
SHA512
f1b4203146664f5a123c5a590ce5f8e18b8713d5291d996c3e032d492e763cd40cb5f050079870644e2a62fe59b9b81040a9e9daeb2e9a537fa7c4f57a6f2306
-
SSDEEP
384:WzGElSFKJksK9hZ7XgNNvN6cXLJFt8BgzokZdWd:WzGBFKJkslfngBgzoEw
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a33c302c6b8584e0ffc2ec04b878a0fd_JaffaCakes118
Files
-
a33c302c6b8584e0ffc2ec04b878a0fd_JaffaCakes118.sys windows:4 windows x86 arch:x86
e59f3be517c36671167eecdc40d19e5a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
hal
KdComPortInUse
IoFreeAdapterChannel
HalAdjustResourceList
ntoskrnl.exe
FsRtlNotifyInitializeSync
KiDispatchInterrupt
_wcsicmp
Sections
.text Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 128B - Virtual size: 128B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 32B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 288B - Virtual size: 288B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ