Static task
static1
General
Target
8bc7613ff79f107f08b4cbf0f47b276e_JaffaCakes118
Size
49KB
MD5
8bc7613ff79f107f08b4cbf0f47b276e
SHA1
77d2eeed8ef883038acf3a486bf1cf2b02c6a484
SHA256
e1b86233f8bb95eaed0d1a5ec2baf399783015b22ef3351aac5da0bf060bcc84
SHA512
3f205d66216e46ad1f74723a2f6278d22443f6d0a1140579d528fcb54fe504ac00eb22b97261e932eec63699a5f351785b57b5a8a5bd91c55d2f6538705fa113
SSDEEP
768:PGek/UHXaXvnvyCi3uLIBdzaiaiiiceNaPpNu4AHtzCZ3hSigxi:PGesXfbieUYiaiii+pNuheCo
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 8bc7613ff79f107f08b4cbf0f47b276e_JaffaCakes118
Files
8bc7613ff79f107f08b4cbf0f47b276e_JaffaCakes118.sys windows:4 windows x86 arch:x86
2fdabff33db571fdd0278d89e24717d7
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
usbport.sys
USBPORT_GetHciMn
USBPORT_RegisterUSBPortDriver
hal
KfLowerIrql
HalProcessorIdle
KeRaiseIrql
ntoskrnl.exe
ZwCreateFile
ZwTerminateProcess
isprint
Sections
.text Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.myn Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tsuoc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ