d:\works\byshell_up54\driver\bypass_up53\bypass\i386\bypass.pdb
Static task
static1
General
-
Target
178b256eb499bf4a8e51beb3a0f25d94_JaffaCakes118
-
Size
117KB
-
MD5
178b256eb499bf4a8e51beb3a0f25d94
-
SHA1
69ee0e476a8b9c9d9ba8f153f25583705ec6d1a4
-
SHA256
f61237506684878db856c3e7e98c08aede3eb4bcd7fb8767e7a459dde0203967
-
SHA512
629d47ce47148769b2e0e1fa5d0f3b63a7ee359b569a39e82318934db73dfb0fe0b5c9b74b5439b0786f1982a2a4cee15a2fc221e9c5bab6efc353fa7c52b161
-
SSDEEP
384:sAsEpp7k6YD6Gop6oQlKHsxm2qGqa1rNn8TI0zUpyyHAeaMqA0RYjdA/DTEqHPQ+:0Ez7f6top6G46IFcFOa7iOlcEz7fJ6G
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Flags PE files that carry no Authenticode signature; the resource listed below is unsigned.
resource 178b256eb499bf4a8e51beb3a0f25d94_JaffaCakes118
Files
-
178b256eb499bf4a8e51beb3a0f25d94_JaffaCakes118.sys windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
d:\works\byshell_up54\driver\bypass_up53\bypass\i386\bypass.pdb
Sections
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
data Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE