msahci.pdb
Static task
static1
1 signatures
General
-
Target
ffd51c078232fbd9b3b507b43bfe72c8_JaffaCakes118
-
Size
22KB
-
MD5
ffd51c078232fbd9b3b507b43bfe72c8
-
SHA1
71f579b41471488cfe8629847295033012cc6d44
-
SHA256
9d05f358cac118b158f311719670427ff0746133e37f07972db6a2d7f1e5e27f
-
SHA512
ac6dce5567e259a3f852f65db53be64d47a90bc6f753cfee331621357b72a5ac6042bce9e65200f5f48dc0a73c2790d64009bbf3d0e594957ab65a4e156bf507
-
SSDEEP
384:WUHCygl22CzmpE9MB07belIoCb8hIa5JEzv5de0h/jRt1HE665O+vjOcY8BZS6N2:WnlPCbVchCb8hI/zhdxx1HYZvCvuI6U3
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ffd51c078232fbd9b3b507b43bfe72c8_JaffaCakes118
Files
-
ffd51c078232fbd9b3b507b43bfe72c8_JaffaCakes118.sys windows:6 windows x64 arch:x64
048e0814d53b56f7105795deb0fc45d4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
pciidex.sys
AtaPortCopyMemory
AtaPortGetPhysicalAddress
AtaPortReadRegisterUlong
AtaPortInitializeEx
AtaPortDeviceStateChange
AtaPortEtwTraceLog
AtaPortRegistryFreeBuffer
AtaPortGetBusData
AtaPortRegistryRead
AtaPortRequestCallback
AtaPortStallExecution
AtaPortGetUnCachedExtension
AtaPortReadRegisterUchar
AtaPortBuildRequestSenseIrb
AtaPortReleaseRequestSenseIrb
AtaPortCompleteRequest
AtaPortNotification
AtaPortGetDeviceBase
AtaPortGetScatterGatherList
AtaPortRegistryAllocateBuffer
AtaPortWriteRegisterUlong
ntoskrnl.exe
KeBugCheckEx
Sections
.text Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 628B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 272B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1024B - Virtual size: 516B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 1024B - Virtual size: 976B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ