F:\UnhookDriver\i386\Driver.pdb
Static task
static1
General
Target: a831199d6fbcc57bd0b1c790c55a8bc9_JaffaCakes118
Size: 4KB
MD5: a831199d6fbcc57bd0b1c790c55a8bc9
SHA1: 168697b728ed9bdba88651af64be8ef67e99e9ab
SHA256: 3ceb7bdcc1e98e9d6cfeebda2885f1c22cb8ddd6455317ef9a1b6d23c3bc4a80
SHA512: effa3c2c8868edc8ded1d6ead9cd0d7665f34cc594025894667622d9adc78aec5f724c13616daf4d16d437e2ee8fb46d9ce2554b696a7abb4a6f07fee1175ed3
SSDEEP: 48:6/Uoi9yr5Tul+OyQsWOdjRkWZQ1lR0HoxmppGbhBmt+Vm:rP9gulpyQslKPROogzAhBo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a831199d6fbcc57bd0b1c790c55a8bc9_JaffaCakes118
Files
a831199d6fbcc57bd0b1c790c55a8bc9_JaffaCakes118.sys windows:5 windows x86 arch:x86
148830e6c63604d00c58907d55fdc1aa
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
MmUnmapLockedPages
MmMapLockedPages
MmBuildMdlForNonPagedPool
MmCreateMdl
KeServiceDescriptorTable
DbgPrint
IoFreeMdl
Sections
.text Size: 256B - Virtual size: 240B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 116B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 256B - Virtual size: 222B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 54B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ