sisraid2.pdb
Static task
static1
General
Target: 0f1b37d10c2b7a148b4fa329041e0675_JaffaCakes118
Size: 35KB
MD5: 0f1b37d10c2b7a148b4fa329041e0675
SHA1: 53ec8337559eb53eec7d2a06f3b1822d798255d1
SHA256: 6334f6cd2af17fec522fe6443f05acecd002e5f52c86e516aa5b54fcfcebd170
SHA512: 1027a96d5fd5b44057f10af02d478b651c22058131832abeb7eef0063dc0e6609ea587caec5f5aaf9e96cb8524c02ed7b5f84c11403753e9c26edca4ffffbd5d
SSDEEP: 768:A7pf9ZfFFmI9e/Gx4+Zz5zDzLLIWO9k9MiGuzwOvRHCMD+mU:A1FFmKeqz1/vI59keubvwQfU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0f1b37d10c2b7a148b4fa329041e0675_JaffaCakes118
Files
0f1b37d10c2b7a148b4fa329041e0675_JaffaCakes118.sys windows:6 windows x64 arch:x64
72750302817e59e828446b2ebd6d4a0a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
storport.sys
StorPortGetScatterGatherList
StorPortGetDeviceBase
StorPortLogError
StorPortSetBusDataByOffset
StorPortGetBusData
StorPortGetPhysicalAddress
StorPortInitialize
StorPortCompleteRequest
StorPortGetUncachedExtension
StorPortStallExecution
StorPortNotification
ntoskrnl.exe
KeBugCheckEx
Sections
.text Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 996B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 274B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 468B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 1024B - Virtual size: 604B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1008B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ