Static task
static1
General
-
Target
2a7eeea241ba6ef3e83693498ce5707b_JaffaCakes118
-
Size
20KB
-
MD5
2a7eeea241ba6ef3e83693498ce5707b
-
SHA1
927ed84ae788e8c27189e80ff45862ed9962157e
-
SHA256
de6d658a47247584a5497cea04a7837261210a1af89bf7588731a327432ac4e3
-
SHA512
b9215f189faec0894dda62511f2824bda89c222ff591dbad99778c1e322963b1e07b7e6420dd065cadf05d64178d73ea684a056b83afac21a4d3c2e0e5b16e4f
-
SSDEEP
384:RgsW1n47Re1uS3EKw6vku+5bQu8zAEW4cVaStWpLUwW:K/LUKMth8UEcVaSKL
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2a7eeea241ba6ef3e83693498ce5707b_JaffaCakes118
Files
-
2a7eeea241ba6ef3e83693498ce5707b_JaffaCakes118.sys windows:5 windows x86 arch:x86
a35736e7c5219b7e42ac920e77938af3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ExAllocatePool
ExAllocatePoolWithTag
DbgPrint
ExFreePool
ExGetPreviousMode
ExRaiseHardError
Sections
.text Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ