D:\sys\RST\objchk\i386\ressdX.pdb
Static task
static1
1 signatures
General
-
Target
35823db8d1b386f00693880f89f04e53_JaffaCakes118
-
Size
2KB
-
MD5
35823db8d1b386f00693880f89f04e53
-
SHA1
5c354cdb3845a118076c78f26c87c6d38b91c8a1
-
SHA256
3144830489f8887ea67537af16f2111d5a424181071ffb1ec8d768b51e4909ec
-
SHA512
bae420015c21cea5750c4cae41d3f365c5f85562496fd0affde2d266b11a5daad7f0908e384df85ab697eb7e8d1a805e6effbfa07901659945189f397ade5a2e
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 35823db8d1b386f00693880f89f04e53_JaffaCakes118
Files
-
35823db8d1b386f00693880f89f04e53_JaffaCakes118.sys windows:5 windows x86 arch:x86
162e100140ec6485c77446096c35e4c1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
IofCompleteRequest
DbgPrint
KeServiceDescriptorTable
ProbeForWrite
ProbeForRead
_except_handler3
IoDeleteDevice
IoDeleteSymbolicLink
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
Sections
.text Size: 896B - Virtual size: 894B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 150B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 20B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 384B - Virtual size: 324B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 100B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ