c:\programs\revolution6\protect\objfre_w2k_x86\i386\Protect.pdb
Static task
static1
1 signatures
General
-
Target
5c37b087ace76a3be7449c469f63b549_JaffaCakes118
-
Size
207KB
-
MD5
5c37b087ace76a3be7449c469f63b549
-
SHA1
ff6dc81b30ef7e5cc07ca099ba613241a405172e
-
SHA256
6a6d6f25b33ed6e6b458d6ef54ef5586cd0c6c9fdc972f1de66f2742da0535ea
-
SHA512
29d16ced5546b8281bf9867559f4762f2aa5f316b56025bebd2796dc3c434cc418a6cf29cac3d21a64a2b55ff8a407f5980901ce26119e155bc521648452f0fd
-
SSDEEP
3072:7lH/POyaJSxx2wZQDRZQpHuSGrunqijVMFyvI9ZXJRwf5RvZZcVJojeSUNWVoNC9:J/POy/j2wC9Zq+gqcVXFPRZe2tle/I
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5c37b087ace76a3be7449c469f63b549_JaffaCakes118
Files
-
5c37b087ace76a3be7449c469f63b549_JaffaCakes118.sys windows:6 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 116B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 203KB - Virtual size: 202KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE