Static task
static1
General
-
Target
ff8dac5bc05b030506832e46a2c6027e_JaffaCakes118
-
Size
27KB
-
MD5
ff8dac5bc05b030506832e46a2c6027e
-
SHA1
900e5acaccfb1db1150610cbe071934f00d9da7e
-
SHA256
b03bbd35d8b4acb0e76d2aaa6a037bee34886016e5bdb29d7fcd9f3641ac5e86
-
SHA512
c8bb1761a2e8aae903645affa0d36b34c6317f97272e71e950d98386f329e1b5cbade7c813b295661aecc28aabfdc80a7f8ba4204df473de2f850a393bb978fe
-
SSDEEP
768:6RXY5MzZg4zLjnYq0+6i6LOHmd9SBWfUyV1uUCy9:oXY5+fL0+61LTWsUQgU
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ff8dac5bc05b030506832e46a2c6027e_JaffaCakes118
Files
-
ff8dac5bc05b030506832e46a2c6027e_JaffaCakes118.sys windows:5 windows x86 arch:x86
7814e4ada31cd5115e04f92c58205e4e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
scsiport.sys
ScsiPortFreeDeviceBase
ScsiPortGetDeviceBase
ScsiPortConvertUlongToPhysicalAddress
ScsiPortMoveMemory
ScsiPortNotification
ScsiPortStallExecution
ScsiPortReadRegisterUchar
ScsiPortWriteRegisterUchar
ScsiPortWriteRegisterUlong
ScsiPortGetPhysicalAddress
ScsiPortCompleteRequest
ScsiPortGetVirtualAddress
ScsiPortReadRegisterUlong
ScsiPortLogError
ScsiPortReadRegisterBufferUchar
ScsiPortGetUncachedExtension
ScsiPortSetBusDataByOffset
ScsiPortGetBusData
ScsiPortInitialize
Sections
.text Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 224B - Virtual size: 208B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 672B - Virtual size: 656B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 992B - Virtual size: 992B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 576B - Virtual size: 554B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ