Static task
static1

General
Target: 4587af924f5d447e0b77018cd08ffd88_JaffaCakes118
Size: 27KB
MD5: 4587af924f5d447e0b77018cd08ffd88
SHA1: 18d78c98eb1cc73c02ac958d63bf2b31c40f24a8
SHA256: a48c492f4023493de342b89879e859dac029dc5f97666e44540dab791177fd49
SHA512: 5143e51db0d59003c09a97bbd8cc86529fa5abe510d237e02c1fd06ffbbf3ab475024fff52510c3c4dde5cd5bd1f228d2512431bb7828ee599d55850f7823bf7
SSDEEP: 768:SGDbNcszuQ/pUNH+x4i8Bn1e3XALf3T8Btn5t:BbpuwO+Cd1e3GYLt
Malware Config

Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 4587af924f5d447e0b77018cd08ffd88_JaffaCakes118

Files
4587af924f5d447e0b77018cd08ffd88_JaffaCakes118.sys (windows:5, windows x86, arch:x86)
5012dd4cb8c908895480f4ef74deaa38
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ZwClose
ZwDeleteValueKey
RtlInitUnicodeString
KeDelayExecutionThread
_except_handler3
PsCreateSystemThread
ZwQueryValueKey
ZwOpenKey
ObfDereferenceObject
ObQueryNameString
ObReferenceObjectByHandle
RtlCompareUnicodeString
IoGetCurrentProcess
ExGetPreviousMode
KeServiceDescriptorTable
ZwSetValueKey
PsGetVersion
ZwCreateFile
IoRegisterDriverReinitialization
ExFreePool
wcscpy
ZwEnumerateKey
wcscat
ExAllocatePoolWithTag
wcsncmp
wcslen
towlower
wcsstr
IofCompleteRequest
_strnicmp
strncmp
strncpy
ZwWriteFile
ZwSetInformationFile
ZwReadFile
ZwQueryInformationFile
IoDeleteDevice
IoCreateSymbolicLink
IoCreateDevice
_wcsnicmp
RtlTimeToTimeFields
ExSystemTimeToLocalTime
KeQuerySystemTime
Sections
.text   Size: 19KB   Virtual size: 19KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.data   Size: 5KB    Virtual size: 5KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
INIT    Size: 1KB    Virtual size: 1KB    IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.reloc  Size: 800B   Virtual size: 790B   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ