Static task
static1
General
-
Target
eb4c0e8744ed09671af7d8373c717efc_JaffaCakes118
-
Size
218KB
-
MD5
eb4c0e8744ed09671af7d8373c717efc
-
SHA1
3e74f6530209d29e47401b06bc08e457e73d8a82
-
SHA256
d14f36b198b9d1fea5b09a0794d56d2959c6dfe2fc6b0830075f044fbb4f72aa
-
SHA512
d4c2fdd4cb0d6f407936065571eb821da91c096919b834ea6dbef9aef575a002ef5f2c7a0676b847a077a2e8d786451ff3059807267bd2c3e43b806855568113
-
SSDEEP
6144:dl0OD+kA35VQH227WkteO97ASL65GY4IPsL:dl0ODq34H26195ASLO14IPm
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource eb4c0e8744ed09671af7d8373c717efc_JaffaCakes118
Files
-
eb4c0e8744ed09671af7d8373c717efc_JaffaCakes118.sys windows:6 windows x64 arch:x64
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
init Size: 512B - Virtual size: 224B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
page Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.aot Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 149KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 52KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 896B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ