Static task
static1
General
-
Target
a580eec62e69b1379ab81c8ffa08b6c6_JaffaCakes118
-
Size
30KB
-
MD5
a580eec62e69b1379ab81c8ffa08b6c6
-
SHA1
86066a676ebd411ef748008bfb502478a4febd29
-
SHA256
7c39602adac898300a792ea0f4ef7fafb3962a4d0b3490da9a69a532bd0d50b6
-
SHA512
10ac56b7909d7ceb64346e723da5394cf8ca99cabb26298f4a70b7fab4ac0c89aff09a9e35be1abc0cbe77e7ab639f5047a61d22ea8d14edb3bc2db6e5c8d882
-
SSDEEP
768:dLtlNQbD+z1hI83h88am6N3M1hqAdfsDDTVGfa:11QOXI831am6N83qgcfVGi
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a580eec62e69b1379ab81c8ffa08b6c6_JaffaCakes118
Files
-
a580eec62e69b1379ab81c8ffa08b6c6_JaffaCakes118.sys windows:4 windows x86 arch:x86
caed740047327835987440169debea21
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
PsGetCurrentProcessId
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 32B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 64B - Virtual size: 35B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 96B - Virtual size: 86B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 64B - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ