Static task
static1
1 signatures
General
-
Target
467c0487a0430dc1fbe9bb88d3314a1e_JaffaCakes118
-
Size
501B
-
MD5
467c0487a0430dc1fbe9bb88d3314a1e
-
SHA1
79fd7567bf7455c200c2c415133cb19a0846e5e9
-
SHA256
314c3484e8ad896c3e10e7a0746409d09e01ff3aa9dfa61a9573e3b48c1ef1ab
-
SHA512
02b8ff2abf78ad2a79aba6e3acd9c328311bd86b6bcccf968261b78b7cdd61faf4903308f541de7653d11a1c717328390b96b20c4d6f4bf2b559b141e9ad0b0d
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/Rootkit.Win32.Agent.yf
Files
-
467c0487a0430dc1fbe9bb88d3314a1e_JaffaCakes118.zip
-
Rootkit.Win32.Agent.yf.sys windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 160B - Virtual size: 140B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 32B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ