J:\gbzinho\objfre\i386\Driver.pdb
Static task
static1
General
Target: 762e0f7831f59c11181843ef269d1def_JaffaCakes118
Size: 11KB
MD5: 762e0f7831f59c11181843ef269d1def
SHA1: a3919117112fe43b0e017a6851217a3cac1fc725
SHA256: bb29239eb74caf33e21cf8afa3fa41195b9028d588ea98d201675bf03cbae1d7
SHA512: cbdf03e3e5e1b0836d887350d4536eb2b2e6a9c8d8bc755556a867c8dcb53cf0cb5e53d47b9bf731f1cce9bf08530dfdb4db742d331fd74e7ab8c4e136b80d47
SSDEEP: 192:mG6IsgksJPYEsXUsAynFhIAIbfbFTcL1MrOMhVVCHzAr:3bYWFU63z121MCMhA0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 762e0f7831f59c11181843ef269d1def_JaffaCakes118
Files
762e0f7831f59c11181843ef269d1def_JaffaCakes118.sys windows:5 windows x86 arch:x86
4edfd276e71f47012f7caa2851028913
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
IofCompleteRequest
ZwDeleteFile
RtlInitUnicodeString
Sections
.text Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 102B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 132B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 256B - Virtual size: 160B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ