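PDB path (apparently displaced by page extraction from the "PDB Paths" section below, which is otherwise empty): D:\udp\Udp\i386\udp.pdb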
Static task
static1
General
-
Target
3499bc3212926f3ad1c6900636a8e032_JaffaCakes118
-
Size
5KB
-
MD5
3499bc3212926f3ad1c6900636a8e032
-
SHA1
b8230d1e4034cd3b121c60859175e708ec3b9904
-
SHA256
14fdef7b7f9b1c5740ac7b61a3a99c85594fb9a46bf4ccaa4228393d22a9ead2
-
SHA512
e571251635dbe9726ad0f7846c2918600e5d98e3994f8b17749af869a57be169f831909e8649e5910382476b64d88296d8a76cc9450bcbccef558006078e4396
-
SSDEEP
24:ev1GSLvZv2diXcw9G0v15eqvytWvjmh4vVLkphMw6oXif2:qLvhFcw1jDytlNfMw64
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 3499bc3212926f3ad1c6900636a8e032_JaffaCakes118
Files
-
3499bc3212926f3ad1c6900636a8e032_JaffaCakes118.sys windows:5 windows x86 arch:x86
8719e9e8bc102671e4ee12cdb179bb12
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
ObfDereferenceObject
ExAllocatePoolWithTag
IoGetDeviceObjectPointer
RtlInitUnicodeString
KeTickCount
KeBugCheckEx
ExFreePoolWithTag
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 108B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 68B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 512B - Virtual size: 284B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 282B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ