Static task
static1
General
Target: 59f7e26cecf747327b1f50cc3321012e_JaffaCakes118
Size: 49KB
MD5: 59f7e26cecf747327b1f50cc3321012e
SHA1: c8565271373f0088630df69424898e7fa4fa4847
SHA256: bad9f1f809061514e5e883d324761492f0127aceac02d61078178ec7e0455991
SHA512: edfd17624cd76e014666fa5f5a7943620c00c7605846826ad492d048cdd08c22e25bddfca1a2ab78d6697f28813220c26672a77dfb8d68a6f9ed5642eb69a7dd
SSDEEP: 768:bGek/UXXaXvnvyCiIft0hGnvuOvf9j20GAi1mOi2VMo/uc4AmcrXDFO1:bGeIXfbiIllnlf80G9mOieWcycU1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 59f7e26cecf747327b1f50cc3321012e_JaffaCakes118
Files
59f7e26cecf747327b1f50cc3321012e_JaffaCakes118.sys windows:4 windows x86 arch:x86
2fdabff33db571fdd0278d89e24717d7
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
usbport.sys
    USBPORT_GetHciMn
    USBPORT_RegisterUSBPortDriver
hal
    KfLowerIrql
    HalProcessorIdle
    KeRaiseIrql
ntoskrnl.exe
    ZwCreateFile
    ZwTerminateProcess
    isprint
Sections
.text Size: 11KB - Virtual size: 10KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 5KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 16KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
.myn Size: 24KB - Virtual size: 24KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
.tsuoc Size: 8KB - Virtual size: 8KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ