Static task
static1
General
-
Target
1ff3217614018630d0a6758630fc698c_JaffaCakes118
-
Size
15KB
-
MD5
1ff3217614018630d0a6758630fc698c
-
SHA1
09f6023b965069572c2d8f40df323cca2efb9143
-
SHA256
78a3075bbff5d7adeac1527e65aca8527bfc509df124d44410bb46c4d96c96bb
-
SHA512
dcc1ec1d436e641b536b789bba22ec9c6e22f8a8243ab270818f263cbcf80a027251d73406165d6ced328645a23381e16be63d72dc86ecbe31b22a4ed97e5acd
-
SSDEEP
384:lz/UYwUp2PQ2LsxvDdd/KeOtIrXXJ69O3jZKonFA4yhXW:lzRhpOcxv7KDGZIOT3nFbQ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1ff3217614018630d0a6758630fc698c_JaffaCakes118
Files
-
1ff3217614018630d0a6758630fc698c_JaffaCakes118.sys windows:5 windows x86 arch:x86
da705bd8da6e18c93392dab37a0ff63f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
scsiport.sys
ScsiPortWriteRegisterUlong
ScsiPortStallExecution
ScsiPortReadRegisterUchar
ScsiPortWriteRegisterUchar
ScsiPortGetPhysicalAddress
ScsiPortMoveMemory
ScsiPortNotification
ScsiPortGetLogicalUnit
ScsiPortFreeDeviceBase
ScsiPortGetDeviceBase
ScsiPortConvertUlongToPhysicalAddress
ScsiPortCompleteRequest
ScsiPortLogError
ScsiPortReadRegisterUlong
ScsiPortGetSrb
ScsiPortGetUncachedExtension
ScsiPortInitialize
Sections
.text Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 224B - Virtual size: 210B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 608B - Virtual size: 578B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 416B - Virtual size: 400B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ