e:\c0809\gbph\objfre_wxp_x86\i386\GbpH.pdb
Static task
static1
General
-
Target
19497cf1d8d9ef8fec288b3c663e1765_JaffaCakes118
-
Size
2KB
-
MD5
19497cf1d8d9ef8fec288b3c663e1765
-
SHA1
b791b2508d6a7df55d8e0eef4f010b385f0450e9
-
SHA256
fa2826ba6de22c566b4a7bdf4b3281c1ce11a85d37d51eb31393d5d855b0672b
-
SHA512
ccb497ab7298100ee2fd16b3d3fcb2b6e916b0a54e27abed5a6ad86d173ee59bf05a91e532a9f4b5ae19ee0d239bfc6fd850e7cb9118ebfd58b1c6bddf940ad3
Malware Config
Signatures
-
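Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. The check matched the resource listed below, so this kernel-mode driver (.sys importing from ntoskrnl.exe) carries no Authenticode signature.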
resource 19497cf1d8d9ef8fec288b3c663e1765_JaffaCakes118
Files
-
19497cf1d8d9ef8fec288b3c663e1765_JaffaCakes118.sys windows:5 windows x86 arch:x86
088d5fb10b0f992d2465e9a2e58afc1d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\c0809\gbph\objfre_wxp_x86\i386\GbpH.pdb
Imports
ntoskrnl.exe
RtlInitUnicodeString
KeTickCount
ZwDeleteFile
Sections
.text Size: 640B - Virtual size: 617B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 111B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 256B - Virtual size: 200B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 50B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ