PDB path: J:\T3\tndriver\idriver\sys2img\objfre_wxp_x86\i386\ITNDRIVER.pdb
Static task
static1
General
-
Target
33b0a5947702dfe29aaee9df413f1dbc_JaffaCakes118
-
Size
97KB
-
MD5
33b0a5947702dfe29aaee9df413f1dbc
-
SHA1
a582dc7248d5e8311e4978aa17236911699a0bb7
-
SHA256
684c74ee0023aeddf528839e654d265cf9e4364476a9d3f62be4358993ac826a
-
SHA512
7163fa55378b73dd9c94b56c1b5b5bb37e225dc7959ae1a3943e86c0c5f54803dbea81795c0cbd594decad35e376e726918dba3d1a0e22dd788ba0aadc544e34
-
SSDEEP
1536:S9iT1LvFivF9kGTmETvAjUlOyUXcXU3RhhX/wIGAbyhUT9CpPkDVeH9:tT1LvF00nErA5XcXMh5FxEsD+
Malware Config
Signatures
-
Unsigned PE 1 IoCs
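Checks for missing Authenticode signature. A static check of this kind normally sees only a signature embedded in the file itself, so a catalog-signed file would presumably also be reported as unsigned.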
resource 33b0a5947702dfe29aaee9df413f1dbc_JaffaCakes118
Files
-
33b0a5947702dfe29aaee9df413f1dbc_JaffaCakes118.sys windows:5 windows x86 arch:x86
ed9f4be503aaf83210bfe61e3daea397
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
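Imports (static import table only; MmGetSystemRoutineAddress returns the address of a kernel routine looked up by name at run time, so this list may not show every routine the driver calls)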
ntoskrnl.exe
RtlInitUnicodeString
_except_handler3
MmGetSystemRoutineAddress
Sections
.text Size: 94KB - Virtual size: 94KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 165B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 640B - Virtual size: 588B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 256B - Virtual size: 142B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 384B - Virtual size: 362B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ