H:\Virus\drv\objfre\i386\Driver.pdb
Static task
static1
General
Target: 689b11bc37bcd62bf4b97b78ad1589d8_JaffaCakes118
Size: 11KB
MD5: 689b11bc37bcd62bf4b97b78ad1589d8
SHA1: 17890d17ec5bdfe33dd7db7177d95ead25eea61a
SHA256: 624762e25d0a0ab4e08a19a97fcca6b82a67879e08c81b59e36bf6f4415198f6
SHA512: f3845d12783e3b8bc3f9a24f0e4ece34017523a59dac8eb115b8bfebd08fe32ae0f446ef857ebbf3d34a458e5c958b94cf04329d07a5a18708342ec875f3141b
SSDEEP: 192:mLd5sgksJTkEsXUsAynVIYInfbFTcL1MrOMhVVCHzJ7:+LYWFBbz121MCMhAV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 689b11bc37bcd62bf4b97b78ad1589d8_JaffaCakes118
Files
689b11bc37bcd62bf4b97b78ad1589d8_JaffaCakes118.sys windows:5 windows x86 arch:x86
4edfd276e71f47012f7caa2851028913
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
IofCompleteRequest
ZwDeleteFile
RtlInitUnicodeString
Sections
.text Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 104B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 132B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 256B - Virtual size: 160B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ