RDPCDD.pdb
Static task
static1
General
Target
322f6af2b2317354b6cf86cad669fbbb_JaffaCakes118
Size
4KB
MD5
322f6af2b2317354b6cf86cad669fbbb
SHA1
11ad7a089205eda1f8fbf87e5d8d522436f3f930
SHA256
0057c9871e24c67a1068e4a074ab826bb0fd20ea242e1d89b617b9910f4f9940
SHA512
c8e2e0f638199d565d640380c8749a60a6badc80b48025d94b49b3e899af0898e348da4834ba2a14fb6aafcb167cdd75f5a3b607912c98ef6fcabdbec5aad1f0
SSDEEP
48:qKxB5SQQFA/j7mVTtLzPSyn5nAuymkhqUWmqUWcTKVOtFR83ta+dMY0X05QcX:7xBEw/mj6y5nA3mlh1hcmARw4+dSvc
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 322f6af2b2317354b6cf86cad669fbbb_JaffaCakes118
Files
322f6af2b2317354b6cf86cad669fbbb_JaffaCakes118.sys windows:5 windows x86 arch:x86
dfd91ac6f100c03188a8a3f3778dd205
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
ExAllocatePoolWithTag
RtlWriteRegistryValue
ZwCreateFile
RtlAppendUnicodeToString
RtlIntegerToUnicodeString
ExFreePoolWithTag
videoprt.sys
VideoPortInitialize
VideoPortZeroMemory
Sections
.rdata Size: 128B - Virtual size: 111B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PAGE Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
PAGE Size: 128B - Virtual size: 92B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 384B - Virtual size: 312B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 976B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 128B - Virtual size: 90B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ