Static task
static1
General
-
Target
b39e4ee4823494bcfb94c6eaefc06560_JaffaCakes118
-
Size
98KB
-
MD5
b39e4ee4823494bcfb94c6eaefc06560
-
SHA1
aff4f7c90680a6023e99007158b65567499d9d3d
-
SHA256
445f32103b00d9659b8ba400de6994838e2e3d0638103cce073ae4cf067012ea
-
SHA512
21889baabf2e11bfb06edbec722c8c39ebe3f356a32f2b1a818e3a93c25aaaffe2f678802008982af3da1e6ba58a4c3429c5b0a8c31019fb5c2749b2e7de2c5b
-
SSDEEP
3072:IbwUBjExeY1Bb15pkVp6cvry4A3U07u6A2:IbfEJ1Ji6WydU07u6A2
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b39e4ee4823494bcfb94c6eaefc06560_JaffaCakes118
Files
-
b39e4ee4823494bcfb94c6eaefc06560_JaffaCakes118.sys windows:6 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 161KB - Virtual size: 161KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 155KB - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bmm0 Size: 553KB - Virtual size: 553KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bmm1 Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ