e:\driverex\i386\Driver.pdb
Static task
static1
General
-
Target
f5708bfe286ff7e095b72ee450486e05_JaffaCakes118
-
Size
3KB
-
MD5
f5708bfe286ff7e095b72ee450486e05
-
SHA1
4cd246c0b96216c539872846f9841fbdd1e9d1d3
-
SHA256
4603661f74e2ca60fd2e31bb1d30a882b45552a6fb28ef00e914755a87c993d0
-
SHA512
06ef702ac85c51b3df55e86330b2656d357484d546e46f7a86022cd9cad0ff62191a5649b5f895bf90aa83350f1a1adbc94b48ca2c0d8e462b28ce4d6c7f249c
Malware Config
Signatures
-
Unsigned PE 1 IoCs
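Flags PE files that lack an Authenticode signature; this sample is unsigned, so its publisher and integrity cannot be verified from a signature.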
resource f5708bfe286ff7e095b72ee450486e05_JaffaCakes118
Files
-
f5708bfe286ff7e095b72ee450486e05_JaffaCakes118.sys windows:5 windows x86 arch:x86
972d9960a5503aad373cdcdcadc556f4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\driverex\i386\Driver.pdb
Imports
ntoskrnl.exe
IofCompleteRequest
DbgPrint
IoDeleteDevice
IoDeleteSymbolicLink
IoFreeMdl
MmUnmapLockedPages
MmMapLockedPages
MmBuildMdlForNonPagedPool
MmCreateMdl
ZwTerminateProcess
ExFreePoolWithTag
KeServiceDescriptorTable
ObfDereferenceObject
KeInsertQueueApc
KeInitializeApc
ExAllocatePoolWithTag
ObReferenceObjectByPointer
PsThreadType
PsLookupThreadByThreadId
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
KeTickCount
KeBugCheckEx
Sections
.text Size: 896B - Virtual size: 836B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 192B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 768B - Virtual size: 728B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 256B - Virtual size: 142B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ