PDB path: c:\32\objchk_wxp_x86\i386\gb.pdb
Static task
static1
General
-
Target
72e7bb118e7471ee8be66dbfce7999b4_JaffaCakes118
-
Size
19KB
-
MD5
72e7bb118e7471ee8be66dbfce7999b4
-
SHA1
de03ef9aedce1bfc1fe2f6fdd61ec47183fa1a98
-
SHA256
681eda3c368bb5a771601cd3ee7b1f34c31298a0725ca038d1711f04d8d1153a
-
SHA512
4b474b97e68a868a567bda1d51851ee2c4a23cfaddb4009eb86a38d5eabd684c96cbddb7517ec77e28b290f33c1dcbb858076a81294dab7784141646db9a9388
-
SSDEEP
192:i2K0tpS/BNlli51fHkUGrA+YAOd7wWHDAp4zIifnaSbgtwbm/WQdN6QU8j:Lyb3kQA+bIfaAbYdN7U8
Malware Config
Signatures
-
Unsigned PE (1 IoC)
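Static check for a missing Authenticode signature: this PE file is unsigned. The file appears to be a kernel-mode driver (a .sys image importing from ntoskrnl.exe and hal); an unsigned driver is rejected by default on 64-bit Windows, but not on the 32-bit systems this x86 image targets.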
resource 72e7bb118e7471ee8be66dbfce7999b4_JaffaCakes118
Files
-
72e7bb118e7471ee8be66dbfce7999b4_JaffaCakes118.sys windows:6 windows x86 arch:x86
273fd69ce6bfc1d6e875a44e1633af31
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
ZwWriteFile
ZwCreateFile
_vsnprintf
KeTickCount
ZwUnloadDriver
ZwClose
RtlInitUnicodeString
hal
KeGetCurrentIrql
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 133B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 384B - Virtual size: 332B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ