Static task
static1
General
Target: 1a282f192629d49987f460137225ead1_JaffaCakes118
Size: 49KB
MD5: 1a282f192629d49987f460137225ead1
SHA1: cea80976bd21a2a810fcfff1599dc71c8e631065
SHA256: a99871ace317f97da11e19d3ec48234dc0aeaa8a61e4d9cfc21dc8ff109b5e1c
SHA512: bb813e76b5481cf97eceea44f2c11b9524707db8268dd9c98505e1986809a2c1164951d7d1daa54de5148ec96cbf8e04594147dbe9e5eac9b747420effde78e9
SSDEEP: 1536:lOIIxse3FMAubPOetNzU84UKfAuhczYAs/wv03zNUc8:l1Iee1MNbPOetNzU84UiAuhoYAs/wv07
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 1a282f192629d49987f460137225ead1_JaffaCakes118
Files
1a282f192629d49987f460137225ead1_JaffaCakes118.sys windows:4 windows x86 arch:x86
8221ecedae95f09fb573cf01677ae036
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ZwClose
ExFreePool
wcscpy
ZwEnumerateKey
wcscat
ExAllocatePoolWithTag
ZwOpenKey
RtlInitUnicodeString
_strnicmp
wcsstr
ZwQueryValueKey
_except_handler3
ObfDereferenceObject
ObQueryNameString
ObReferenceObjectByHandle
RtlCompareUnicodeString
IoGetCurrentProcess
ExGetPreviousMode
KeServiceDescriptorTable
ZwSetValueKey
PsGetVersion
wcsncmp
wcslen
towlower
KeDelayExecutionThread
ZwDeleteValueKey
PsCreateSystemThread
ZwWriteFile
ZwSetInformationFile
ZwReadFile
ZwQueryInformationFile
ZwCreateFile
strncmp
strncpy
_wcsnicmp
RtlTimeToTimeFields
ExSystemTimeToLocalTime
KeQuerySystemTime
IofCompleteRequest
MmGetSystemRoutineAddress
IoRegisterDriverReinitialization
Sections
.text Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 992B - Virtual size: 986B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 928B - Virtual size: 910B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ