SiSRaid4.pdb
Static task
static1
General
Target: b7b01831ab619765b1fb3589e4dd3565_JaffaCakes118
Size: 71KB
MD5: b7b01831ab619765b1fb3589e4dd3565
SHA1: 02c26b7392f230841564e4afa3c9f5c70849b773
SHA256: 52c3a44ae22f0dbb72cb2de5fa19a46c9eb4ee0d79887aa390438bf1f1d63871
SHA512: 393c7d2f4af4de3ae3d5ff516d776d36fa700caefbdaed4342350adc7879535986d32532bd49f76852c15c7e8b55f9644762b18b30269c34dad5911b5a81ec24
SSDEEP: 1536:nhvysELnq2bHXvMmtzwDXJepWoHoKdRQooGCoc:Zys60m9wDJ+Qot9c
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b7b01831ab619765b1fb3589e4dd3565_JaffaCakes118
Files
b7b01831ab619765b1fb3589e4dd3565_JaffaCakes118.sys windows:6 windows x64 arch:x64
ef77a8ff03a9eb3aab2718e0f2fc2ef2
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
storport.sys
StorPortGetBusData
StorPortGetScatterGatherList
StorPortDeviceReady
StorPortGetDeviceBase
StorPortLogError
StorPortSetBusDataByOffset
StorPortNotification
StorPortGetPhysicalAddress
StorPortInitialize
StorPortCompleteRequest
StorPortReady
StorPortGetUncachedExtension
StorPortDeviceBusy
StorPortStallExecution
StorPortDebugPrint
ScsiPortNotification
ntoskrnl.exe
KeBugCheckEx
Sections
.text Size: 65KB - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 352B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1024B - Virtual size: 816B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 1024B - Virtual size: 750B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 992B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ