Static task
static1
General
-
Target
ab34b977ed5efe4e099d7e79525c99ba_JaffaCakes118
-
Size
80KB
-
MD5
ab34b977ed5efe4e099d7e79525c99ba
-
SHA1
01cf3a91a5715a8ac19ad09ba1d810e42279027c
-
SHA256
8766b5d08bd0329d53ae7c21b9c7a3fafc530ebd9505787b84d60b35c191d8ff
-
SHA512
a44e98a085c66ecabf121e4816b2ad07524e0f2f74a9498171cfc3cc6b095f5357a4ceaac5a6334bcc3ecef10abb72975806eaa808b7e7be1e41f7aa104aa0ea
-
SSDEEP
1536:jIdwsEW/fsvfK4JCZWrVGBT8lxBy6zuv/CG5b+FFJQyMtTC96ZdaSp4prY:jIil06KuSgVGR8jBDuHC1FvBydapprY
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ab34b977ed5efe4e099d7e79525c99ba_JaffaCakes118
Files
-
ab34b977ed5efe4e099d7e79525c99ba_JaffaCakes118.sys windows:5 windows x86 arch:x86
4d5ca666e333299d80e2e05c2afd96f3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
DbgPrint
ExAllocatePool
ExFreePool
Sections
.text Size: - Virtual size: 144KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 79KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE