Static task
static1
General
Target: d73df4a884c8d501f6b827d3c64f51cf_JaffaCakes118
Size: 75KB
MD5: d73df4a884c8d501f6b827d3c64f51cf
SHA1: 3708f5973b38b4e716175916b97c657469262cc1
SHA256: 8d0e42e11545a30b18d6d8748d49b1c4bc24cae587b6d00f99c89bbe428dcfd3
SHA512: bf3e7df54b8f704b9b4a23858e49ffeeedd0b61cbdf61a28c82cf42a836f34dcb7a8fead9374ec385bb795ae3f4fa8a5fc538d5dec5baab74f4db67797887379
SSDEEP: 1536:MJnug5MjdOcfDs5KL/Eqn54Aqju0A492sTBB76rt34Zz+L:ouwcfwAL/Ed9n6r1e+L
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d73df4a884c8d501f6b827d3c64f51cf_JaffaCakes118
Files
d73df4a884c8d501f6b827d3c64f51cf_JaffaCakes118.sys windows:5 windows x86 arch:x86
4d5ca666e333299d80e2e05c2afd96f3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
DbgPrint
ExAllocatePool
ExFreePool
Sections
.fengyue Size: - Virtual size: 132KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.packed Size: 75KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE