C:\DDK\hfssdt\i386\LoveSbl.pdb
Static task
static1
General
-
Target
6336de1e576d71d0b378d8e8fe3fbd23_JaffaCakes118
-
Size
2KB
-
MD5
6336de1e576d71d0b378d8e8fe3fbd23
-
SHA1
5aa8cbdcbc0828f56bf1406c7ff6658b509a989b
-
SHA256
4ca419a122b34fbf57864d27e764117188f9ea6aee9ef76206daaa9e4acf5c68
-
SHA512
3506505e94ee4868ff901f8e01ca363bbbbc2552761ac2683a86af8b68156a47ef8dadc71303bddfdb3da9243bc28dadafff9188442d874f65b74c5a6c245880
Malware Config
Signatures
-
Unsigned PE 1 IoCs
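Flagged because the PE carries no Authenticode signature; for a kernel-mode driver (.sys) this means neither its publisher nor its integrity can be verified from the file itself.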
resource 6336de1e576d71d0b378d8e8fe3fbd23_JaffaCakes118
Files
-
6336de1e576d71d0b378d8e8fe3fbd23_JaffaCakes118.sys windows:5 windows x86 arch:x86
e9d4c2e3d2463f8a8d0e53fab8344e34
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\DDK\hfssdt\i386\LoveSbl.pdb
Imports
ntoskrnl.exe
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
DbgPrint
IofCompleteRequest
IoDeleteDevice
IoDeleteSymbolicLink
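KeServiceDescriptorTable (data export of the 32-bit kernel's system service dispatch table, the SSDT; importing it is consistent with a driver that reads or modifies system-call entries, which the "hfssdt" directory in the PDB path also hints at, though static imports alone do not confirm this)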
ProbeForWrite
ProbeForRead
_except_handler3
Sections
.text Size: 1024B - Virtual size: 988B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 147B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 384B - Virtual size: 324B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 104B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ