Static task
static1
General
Target: 154b45d026a670998686af4d9488ded0_JaffaCakes118
Size: 646KB
MD5: 154b45d026a670998686af4d9488ded0
SHA1: ef4ab6b891a3d2ad9739b196d83a0c6fd8dd3270
SHA256: 0e5d47672e953d4a12799a87cf6475b55365908b18a3b70531a701fa82d0cfa5
SHA512: 4e54217429a7319bfe86f1090a7ddda58a120556b5f254a183af8d1378dda052547a22fcac37c56077ce3b036a12c3f2a20d8238a24247f6defe08ca3ed620dc
SSDEEP: 12288:g6NGJ9bJKQnMyTDXIBBklPRBIKLeLxvzxOppgPzxkyfJKE9NZ79hqHKfC:g6Q1KQMdfqjICeLN6pyzxJX9NZ+KfC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 154b45d026a670998686af4d9488ded0_JaffaCakes118
Files
154b45d026a670998686af4d9488ded0_JaffaCakes118.sys windows:6 windows x86 arch:x86
33c7dc555d7897cbc7516708496a7dd3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
atoi
IoAllocateMdl
MmProbeAndLockPages
MmMapLockedPagesSpecifyCache
MmUnlockPages
IoFreeMdl
ExAllocatePool
ExFreePool
NtQuerySystemInformation
hal
KeAcquireInStackQueuedSpinLock
HalMakeBeep
Sections
.text Size: 117KB - Virtual size: 117KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bea0 Size: 412KB - Virtual size: 412KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bea1 Size: 75KB - Virtual size: 74KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ