Static task
static1
General
Target: 4fc8a5d83fd89c9cb32b0be1a40b310e_JaffaCakes118
Size: 167KB
MD5: 4fc8a5d83fd89c9cb32b0be1a40b310e
SHA1: e817fba232d4b5bcbfc78d614f4d3a3bcd2d1e99
SHA256: acdc0a98f05ed0c40a0486101b10396809c9f078883587c421ae030e08d61058
SHA512: 0b8ff13b4435554fc07427ec6470afb55ab28ecec3b78a4803c8f3d1329d4bd7e56cd305e5ad68f16f9293c0e207cfde9c89cef210f8c93a494a615340a326b3
SSDEEP: 3072:9ASz+iJA2uC2Qu7mp1i4OXSw4OA0Nx9Qt4U+YNGvj2zp5ddnw/Wy6:9Dt/2J7mp1gd4Yx9QT+jIp5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4fc8a5d83fd89c9cb32b0be1a40b310e_JaffaCakes118
Files
4fc8a5d83fd89c9cb32b0be1a40b310e_JaffaCakes118.sys windows:6 windows x86 arch:x86
fc93cf16c3bc941c639d149dce75a0a5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
ExAllocatePool
IoAllocateMdl
MmProbeAndLockPages
MmMapLockedPagesSpecifyCache
MmUnlockPages
IoFreeMdl
ExAllocatePool
ExFreePool
NtQuerySystemInformation
hal
KfAcquireSpinLock
HalMakeBeep
fltmgr.sys
FltIsDirectory
Sections
.text Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 820B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 160B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.dada0 Size: 96KB - Virtual size: 95KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.dada1 Size: 55KB - Virtual size: 54KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ