General

  • Target

    84d99d8dce3a5e6037434d56ab2d82be_JaffaCakes118

  • Size

    200KB

  • MD5

    84d99d8dce3a5e6037434d56ab2d82be

  • SHA1

    f5635873cec40877c4ebf2582d07ce6771f517dd

  • SHA256

    51e428e32de137b30a4a7bf0cb746b667b66b56bcdd32f02008bf406b0977d19

  • SHA512

    e5b96ed107071a93307ef2f9baa4fb25ce8c6a26f95b6b0a91af37c5ca74bd5cf3fc5baa53385db219a479bc4d22d7f17092eb6c954d2eb9c6f243b56d9ef93f

  • SSDEEP

    3072:IkBG90amIkHLNjYU+ZObzImhdcNRBF/OKKIOZAKReajyjn+ka:/4hmrLCvObzImcN3ROBIssajyD8

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 84d99d8dce3a5e6037434d56ab2d82be_JaffaCakes118
    .rar
  • sudami/Common.h
  • sudami/InfectDriver.c
  • sudami/InfectDriver.h
  • sudami/PEHdrDefine.h
  • sudami/Resource.h
  • sudami/makefile
  • sudami/ntdll.h
  • sudami/ntifs.h
  • sudami/ntifs_48.h
  • sudami/objchk_wxp_x86/i386/InfectDriver.sys
    .sys windows:5 windows x86 arch:x86

    cd4d4533455ee06d3d9ccd3f8908fc81



  • sudami/sources
  • sudami/stdafx.h
  • sudami/zwfunc.h