Static task
static1
General
Target: df2293a44cbef76095f8ef809862d5d2_JaffaCakes118
Size: 820KB
MD5: df2293a44cbef76095f8ef809862d5d2
SHA1: 3b7acdd46a890f7844ef7ce671013c122db6f6ef
SHA256: 5e5ebbfc1d4adb02837360f6140a33eeccd6042f27aa759c87883e12ccfd8774
SHA512: 0e391d1a10d6dbf827b4a95bc08e84eb5f5d4ea0f37d6fcc1ad4bb0e8a1e8fd1fc22c516ee740e4ec31a7ad3ae28d89744c5e62c7b5283f348497d35e8527363
SSDEEP: 24576:l7UMCqwz41/4gyYGopaU5FC8GQCQRX5alkdBL3vS2TTaF/:lGz4NGoVSQVXY4BtTTa
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource df2293a44cbef76095f8ef809862d5d2_JaffaCakes118
Files
df2293a44cbef76095f8ef809862d5d2_JaffaCakes118.sys windows:6 windows x86 arch:x86
07a1590b5a7625cb47c819bb672c8d9c
Headers
File Characteristics
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
  RtlAppendUnicodeStringToString
  IoAllocateMdl
  MmProbeAndLockPages
  MmMapLockedPagesSpecifyCache
  MmUnlockPages
  IoFreeMdl
  ExAllocatePool
  ExFreePool
  NtQuerySystemInformation
hal
  KeRaiseIrqlToDpcLevel
  HalMakeBeep
Sections
.text - Size: 137KB - Virtual size: 137KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata - Size: 6KB - Virtual size: 5KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data - Size: 45KB - Virtual size: 45KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
INIT - Size: 3KB - Virtual size: 3KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.bmm0 - Size: 547KB - Virtual size: 547KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.bmm1 - Size: 71KB - Virtual size: 71KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.reloc - Size: 7KB - Virtual size: 7KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_DISCARDABLE
  IMAGE_SCN_MEM_READ