PDB path: d:\progs\gbzinho\objchk_w2K_x86\i386\Driver.pdb
Static task
static1
General
-
Target
68c3eb42ec1ec994d0c5940438759b13_JaffaCakes118
-
Size
22KB
-
MD5
68c3eb42ec1ec994d0c5940438759b13
-
SHA1
79c33cb7f3afe16d9302b85a65449af5ec348d52
-
SHA256
1e5a16001af2e9607d723bd1a2c72ad4f4fb898ac480e517e601f6a04a73c478
-
SHA512
9493cf6c31752af0131d55301edbebec4242caeab62ba11a934a60d76f69c91bfd459832aad127463be8ccf411cebb450e5260c0c47746d59c055bc8a466a1e4
-
SSDEEP
192:6zgfrpNZjCTgKRpJ/rynZ8xHY9xJEEM0dXzXmcYm:6wjCwNx
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Raised when a PE file carries no Authenticode signature; here the unsigned file is a kernel-mode driver (.sys, importing from ntoskrnl.exe).
resource 68c3eb42ec1ec994d0c5940438759b13_JaffaCakes118
Files
-
68c3eb42ec1ec994d0c5940438759b13_JaffaCakes118.sys windows:5 windows x86 arch:x86
839504a3b3e7f0c6f906b22a2933a8e3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
IofCompleteRequest
ZwDeleteFile
KeTickCount
RtlInitUnicodeString
Sections
.text Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 132B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 256B - Virtual size: 206B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 406B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ