D:\RESSDT\i386\RESSDT.pdb
Static task
static1
1 signatures
General
-
Target
65f9280df33f3b2a61b2a920d32f9d96_JaffaCakes118
-
Size
2KB
-
MD5
65f9280df33f3b2a61b2a920d32f9d96
-
SHA1
d3ccd53d5843c5ac9f1de51f7030d2f314027775
-
SHA256
163669c52a61a17a991b0c32aa8496fef4b32acc0ac6e1fe6ad7065a528e82b0
-
SHA512
6f4b3e3cbb104ddf209149492b33f64c6adf0f72017e9ae08bada8b568c64196e161ff3d78d1a9b606d2270c6feec473ca689d7aa44cc7e2e5770ea2ad569fad
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 65f9280df33f3b2a61b2a920d32f9d96_JaffaCakes118
Files
-
65f9280df33f3b2a61b2a920d32f9d96_JaffaCakes118.sys windows:5 windows x86 arch:x86
2d7db8c727ea186c5d443965a13bc45d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
IofCompleteRequest
KeServiceDescriptorTable
ProbeForRead
ProbeForWrite
IoCreateSymbolicLink
DbgPrint
IoCreateDevice
RtlInitUnicodeString
_except_handler3
Sections
.text Size: 512B - Virtual size: 490B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 142B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 20B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 384B - Virtual size: 274B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 66B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ