PDB path: c:\removegb\objchk_wxp_x86\i386\removegb.pdb
Static task
static1
General
-
Target
223cccd18b27b597b2efb4aff02cdfdc_JaffaCakes118
-
Size
9KB
-
MD5
223cccd18b27b597b2efb4aff02cdfdc
-
SHA1
1b60c897cf999e8c479456290728792452f578a2
-
SHA256
8728027bc7664f492cbe97f78ece5ef5e5cef6bcee0178a64c0f7433bc6f806f
-
SHA512
ca53d8ee93ec6c537c9b78124bf133fa383feec3a23d4987c1c1559fe2bab68c8902b7c8cf7681dfc3afa1360d07bc3774e74b2375cc667f6ba5d0b737229a44
-
SSDEEP
96:zHUiVUNaUvRsCA6+6MV6GBd6y2Sf6fEuTcyfnyAMbADCCfVtYxZjhJLpN7YM92jF:z05Z5sHNDftSMZdUDpfVxQY
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; this rule matched, so the PE file listed below is unsigned.
Resource: 223cccd18b27b597b2efb4aff02cdfdc_JaffaCakes118
Files
-
223cccd18b27b597b2efb4aff02cdfdc_JaffaCakes118.sys windows:5 windows x86 arch:x86
946b81de8310056d0e48a8f553c7af86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
c:\removegb\objchk_wxp_x86\i386\removegb.pdb
Imports
ntoskrnl.exe
IofCompleteRequest
DbgPrint
ZwDeleteFile
KeTickCount
RtlInitUnicodeString
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 129B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 256B - Virtual size: 242B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 256B - Virtual size: 188B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ