Static task
static1
General
Target
079cd8d56e10c8d2d4c871ff346e1293_JaffaCakes118
Size
423KB
MD5
079cd8d56e10c8d2d4c871ff346e1293
SHA1
883afa4874d8cd76e09a79b4ee60a09c93ed4524
SHA256
902676c0e40146cdc26de053874d7b3efe23fd825e1e7e327b7e01b0561b2bc1
SHA512
6e21106f943bc2d12578ff3770a16cd04d59d0addbcecce9b950c67125a2b152f4be59b52e3fa29bf13b05b62a86a0149bb934765fb710d9efe271b3e551756d
SSDEEP
6144:YVXqWhg8ySdebWaVO05/qequ4HXL6+xgtx+Zlq1FPdSbWzhGyOlyfFzf0jTBX:yVFKDFwFb6+ytJ5gcYJl6D0jT1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 079cd8d56e10c8d2d4c871ff346e1293_JaffaCakes118
Files
079cd8d56e10c8d2d4c871ff346e1293_JaffaCakes118.sys windows:6 windows x86 arch:x86
0694dd7b20e22aa4d0d48e84d1249df3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
RtlInitUnicodeString
_allmul
_alldiv
ExFreePoolWithTag
RtlCompareUnicodeString
KeReleaseMutex
KeWaitForSingleObject
memset
ExAllocatePoolWithTag
MmGetSystemRoutineAddress
memcpy
RtlCopyUnicodeString
wcsncat
ZwAllocateVirtualMemory
ExRaiseStatus
IofCompleteRequest
swprintf
KeQuerySystemTime
sprintf
KeTickCount
KeBugCheckEx
ObfDereferenceObject
ExAllocatePoolWithTagPriority
RtlUnwind
hal
KeGetCurrentIrql
Sections
.text Size: 58KB - Virtual size: 58KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 352KB - Virtual size: 352KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 1024B - Virtual size: 732B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 768B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ