0874e269849944bd35edbafc4b6f6be6_JaffaCakes118

General

Target

0874e269849944bd35edbafc4b6f6be6_JaffaCakes118
Size

55KB
MD5

0874e269849944bd35edbafc4b6f6be6
SHA1

1563db486f1c7e283681362ff913e58374a711dd
SHA256

1417450def943378f9efcc7e67d80fae9c73401e38165af1f44cd504eb4e4e6e
SHA512

86b75b9549e8e4a9f156432f68c90bedbe5a519f16f00089ac6592e7d199559ecaba158472b9084cba6f590738edf5eb694d4fb26937668621b962c8808ad532
SSDEEP

1536:4zc7P0jE7kOX3G7kwYX3AvUMa4t2qw2ceS:d7AE7f3iYX3AvUJ4wqw2R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0874e269849944bd35edbafc4b6f6be6_JaffaCakes118

Files

0874e269849944bd35edbafc4b6f6be6_JaffaCakes118
.sys windows:5 windows x86 arch:x86

7da7a20acf0285e70a19fa769c9a2033

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

scsiport.sys

ScsiPortGetDeviceBase
ScsiPortFreeDeviceBase
ScsiPortGetPhysicalAddress
ScsiPortReadPortUchar
ScsiPortReadPortUshort
ScsiPortReadPortUlong
ScsiPortReadPortBufferUchar
ScsiPortReadPortBufferUshort
ScsiPortReadPortBufferUlong
ScsiPortWritePortUchar
ScsiPortWritePortUshort
ScsiPortWritePortUlong
ScsiPortWritePortBufferUchar
ScsiPortWritePortBufferUshort
ScsiPortWritePortBufferUlong
ScsiPortNotification
ScsiPortGetBusData
ScsiPortSetBusDataByOffset
ScsiPortGetLogicalUnit
ScsiPortLogError
ScsiPortStallExecution
ScsiPortGetUncachedExtension
ScsiPortInitialize

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 227B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 896B - Virtual size: 772B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 768B - Virtual size: 748B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7da7a20acf0285e70a19fa769c9a2033

Headers

File Characteristics

Imports

scsiport.sys

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 256B - Virtual size: 227B

.data Size: 6KB - Virtual size: 5KB

INIT Size: 896B - Virtual size: 772B

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 768B - Virtual size: 748B

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 256B - Virtual size: 227B

.data
Size: 6KB - Virtual size: 5KB

INIT
Size: 896B - Virtual size: 772B

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 768B - Virtual size: 748B