Static task
static1
General
Target: 267923041d50a96b33e1a36c7ce4b997_JaffaCakes118
Size: 173KB
MD5: 267923041d50a96b33e1a36c7ce4b997
SHA1: f201902c5204c7f1817ad153dd62f8bf23a1d98c
SHA256: ab0b6dd8d23d29e9043f49be65eb2b85f889e8d9bd5abc3bf7c801a044021630
SHA512: 5730fd1be0bb6a40495161e1233ca948457a3c46d7b2f0ee5927971b115eb84bbff9066c2f0fab8b69c70b1f7b411c4fd2491a717105d63a434357b2a168bd8e
SSDEEP: 3072:COZpHxszaXAcdq2JqE+78JyMHet/e5+uZXp5/6QEQUAfD+tCjWDQLIkz6:CAHxszaXVdq+PM8EMH2/ecun5/6jLAax
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 267923041d50a96b33e1a36c7ce4b997_JaffaCakes118
Files
267923041d50a96b33e1a36c7ce4b997_JaffaCakes118.sys windows:6 windows x86 arch:x86
ed8963f42d71be56f65d27c51068187c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
ZwOpenProcess
IoAllocateMdl
MmProbeAndLockPages
MmMapLockedPagesSpecifyCache
MmUnlockPages
IoFreeMdl
ExAllocatePool
ExFreePool
NtQuerySystemInformation
hal
KfAcquireSpinLock
HalMakeBeep
fltmgr.sys
FltIsDirectory
Sections
.text Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 820B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 160B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.dada0 Size: 97KB - Virtual size: 97KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.dada1 Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ