Static task
static1
General
Target: 2f75a5913345da2da0789ffe00c6d4af_JaffaCakes118
Size: 618KB
MD5: 2f75a5913345da2da0789ffe00c6d4af
SHA1: f6132999e81b2922d1e439c96864d49c9a95c003
SHA256: 14c5f22198203311d0aa07671a1aa418ea8bf298d5dc2bbd18a0f93c9b6ca8ba
SHA512: a2622b9bab3482c65fd5ec0aeaa1d7b954fb6f9217754087eef9ba6570e514f9b3f95fd7543bb541dd0933835a7ec84d8ac5e5d8d94ed3a377d7ce5014c9fe03
SSDEEP: 12288:PrMyZOIEZlnMwkvNN76tSIbOWP0ueJ1cQJdck6+2TxSIZL3cTZIJb0:PrMyMIEXBkvNN7aSIbReLcQDE1gTZIu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2f75a5913345da2da0789ffe00c6d4af_JaffaCakes118
Files
2f75a5913345da2da0789ffe00c6d4af_JaffaCakes118.sys windows:5 windows x86 arch:x86
3f9182306464a452609b960437722d9e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
DbgPrint
IoAllocateMdl
MmProbeAndLockPages
MmMapLockedPagesSpecifyCache
MmUnlockPages
IoFreeMdl
ExAllocatePool
ExFreePool
NtQuerySystemInformation
hal
KfRaiseIrql
HalMakeBeep
Sections
.text Size: - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 404B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vggfhfg Size: - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vggfhfg Size: - Virtual size: 521KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vggfhfg Size: 617KB - Virtual size: 616KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 268B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ