Static task
static1
General
-
Target
da2542de09de78787da04e8a2d9708f8_JaffaCakes118
-
Size
2KB
-
MD5
da2542de09de78787da04e8a2d9708f8
-
SHA1
cec5a33995909f329b07d734e5f1a118fef81f2b
-
SHA256
9f4d01bb6adb4f5b2a5c6348caf63b3137b243a1bb983a77d3b60679ea4370d0
-
SHA512
9a3815a18c7b6b08393edddea5ecd054f63f0c2ab9501aec9cc9e04885b5e1b899a250c20f3a49a1ad2e4424da8b4c15333a2428877671c1c7f60865d59ba98c
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource da2542de09de78787da04e8a2d9708f8_JaffaCakes118
Files
-
da2542de09de78787da04e8a2d9708f8_JaffaCakes118.sys windows:4 windows x86 arch:x86
d9c9c4541168665f44917e3ddc4a00d5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
DbgPrint
Sections
.text Size: 160B - Virtual size: 132B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 96B - Virtual size: 74B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 32B - Virtual size: 22B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ