Static task
static1
General
-
Target
ad6e9af98ac6a5802616823d60c82fe9_JaffaCakes118
-
Size
40KB
-
MD5
ad6e9af98ac6a5802616823d60c82fe9
-
SHA1
80ea6c27f734aae39755a333f8e2f2bdf99c5f3f
-
SHA256
551a6ad1f9d0a895b7a7944a87d9392e731699ec5638b1d730132473a1ac10e8
-
SHA512
94c5ecc1f75aa220ce13fbf95338acd44834c356dc8af8706ed7f0b077379dfba63345cc8317909b823bb7aa510d44152931570093181650da889293e003bf38
-
SSDEEP
768:RhKdlT8kA1UvV31VlQIq6BgMfbGAxiMlEFYgW7rdDVbwac8h:RhGlT83CbQIXKQiFSdDdwm
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ad6e9af98ac6a5802616823d60c82fe9_JaffaCakes118
Files
-
ad6e9af98ac6a5802616823d60c82fe9_JaffaCakes118.sys windows:5 windows x86 arch:x86
13a32686e734ee931eecc355e548e3b0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
KeGetRecommendedSharedDataAlignment
RtlInitUnicodeString
KeBugCheck
ExAllocatePoolWithTag
PsReturnPoolQuota
PsCreateSystemThread
MmGetSystemRoutineAddress
Sections
.text Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 384B - Virtual size: 286B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 42B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ