Static task
static1
General
Target: bbeb49a32417226cabed3e104a9c94b5_JaffaCakes118
Size: 38KB
MD5: bbeb49a32417226cabed3e104a9c94b5
SHA1: 87ea5b63f8b35228bb8cd775cdb1b0f0309ea39f
SHA256: 4aa574ba0921fbe527381a5948a9a3d151fc6aeacd4c46954218cbed3110f785
SHA512: d9e1bbaa6ae00f15cc8f41a2a03dfdb8b0966f925bb40967d206ca6d930298faee4f465851e94b2da2c90c57dbdb83fb4e577728d431207b1797370b617c8a60
SSDEEP: 768:6L8Jh5dpdO7+Rwt7xoWuya9UkUhO1h398i8/:6yhvLOxt7xoWuywU2178
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bbeb49a32417226cabed3e104a9c94b5_JaffaCakes118
Files
bbeb49a32417226cabed3e104a9c94b5_JaffaCakes118.sys windows:4 windows x86 arch:x86
303bbc026869bdbf03193b6bae33bcda
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
CcFlushCache
MmGetSystemRoutineAddress
ndis.sys
NdisSetTimer
Sections
.text Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE