c:\driverdel\objchk_wxp_x86\i386\entrydel.pdb
Static task
static1
General
Target
f42d4ab2299ca55a6db0baff4f515a40_JaffaCakes118
Size
23KB
MD5
f42d4ab2299ca55a6db0baff4f515a40
SHA1
c5d8ad304c914d4d376cf632ca5ba6e33a2350c3
SHA256
62ce1829cc0d1965c75b795b1940ffbfcbd3b42a765df8ddae466531ab4d424c
SHA512
848ba29c0db9b51c0afb8cd9b849cb5bc59a642ad825aba8b208c24b00e076148a394ecfb391b52b05e226b4ba31d6d4ae8ba49a17de1b34589c0fc06f14f2ac
SSDEEP
384:4IdBx4CNn4WVRGz3jwM/RQ75o6cwV9RPO+48L26uf2XzRw2GEKgRboRiQqDENWEy:4IdH4CNn4WVRc3jwMZQ75o6cwV9Rm+4Q
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f42d4ab2299ca55a6db0baff4f515a40_JaffaCakes118
Files
f42d4ab2299ca55a6db0baff4f515a40_JaffaCakes118.sys windows:6 windows x86 arch:x86
4bb850b7dfe1f602503c0dcdaecfd910
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
KeTickCount
ZwDeleteFile
Sections
.text Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 114B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 384B - Virtual size: 364B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 256B - Virtual size: 176B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ