c:\ma_kbrav\objfre_wxp_x86\i386\Kbrav.pdb
Static task
static1
1 signatures
General
-
Target
3ddd4b9eb9adb3287ba5020ed2ee8615_JaffaCakes118
-
Size
4KB
-
MD5
3ddd4b9eb9adb3287ba5020ed2ee8615
-
SHA1
2b71a7d82c2fbaf4ff8e13cdbda4a34f2b40fc79
-
SHA256
d6f06fabd5711ebb3ed51935988dc7b0a04e27749762e5c3ad454c02bbd15bec
-
SHA512
2c3e3b3c318eda417f447803377f15de8fa06108bdc3aeb961addc416a348bef47e8c21104ccf413191932125118106920c3f59b653049f6da4d474b25d24242
-
SSDEEP
96:Lf4q5xJ1tm5x5GJtMCUMRxG8jUs+yVcG6F:L4Ib4sQmLr6
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3ddd4b9eb9adb3287ba5020ed2ee8615_JaffaCakes118
Files
-
3ddd4b9eb9adb3287ba5020ed2ee8615_JaffaCakes118.sys windows:5 windows x86 arch:x86
86350bfa4ff4179924965b4b29949828
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
ZwQuerySystemInformation
DbgPrint
KeTickCount
KeBugCheckEx
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 126B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 640B - Virtual size: 628B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 256B - Virtual size: 220B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 116B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ