Static task
static1
General
-
Target
e1fdf64b7ee90be6090bbc5b0144af49_JaffaCakes118
-
Size
80KB
-
MD5
e1fdf64b7ee90be6090bbc5b0144af49
-
SHA1
1a5b201e9ae918a5dd53bf1c86342b78858d2624
-
SHA256
cce3c310d606a21525029148f0ea715f73527bf7c9b3727eeb72c1a29e1f402b
-
SHA512
97f6290b904379d103efc7246033e20b0600f858f108377e087aebe7bc3dacd700425bb9439bae8f51bf3314f8b975a532de1b077a8bb7e9fd7e12745365b641
-
SSDEEP
1536:H8coOdVHGTlx6m5IHIdyPRVMtB+dVU4GleXKXsVnloAV71cNiHHa+7XOUg:H2Od5Alx75IHIdDYwlknl51cQH6+jOUg
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e1fdf64b7ee90be6090bbc5b0144af49_JaffaCakes118
Files
-
e1fdf64b7ee90be6090bbc5b0144af49_JaffaCakes118.sys windows:5 windows x86 arch:x86
4d5ca666e333299d80e2e05c2afd96f3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
DbgPrint
ExAllocatePool
ExFreePool
Sections
.text Size: - Virtual size: 140KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 79KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE