C:\Temp1\M5603C\BS_ColorLib_OV_RAW\NTDFUVCAV08_32\BisonAV.pdb
Static task
static1
General
Target
abd517cc80f489ef9a32a5f423118912_JaffaCakes118
Size
903KB
MD5
abd517cc80f489ef9a32a5f423118912
SHA1
40c51632e320ff6fe1b802200f5c1abccc20763c
SHA256
5dc56d3804fb9981c7c44f71204770a64dddbf6fbd00b718dbb9bac7e2773c0e
SHA512
e993d777848890b2dfc09ba9297a9ee77154496c2ecaa5046115859a64ae15cf1e7413e71776883fe0efc1b8b225b80bfe3dca13a983bab894ab2ec89f1b2b17
SSDEEP
12288:/Bx4e5rPEm809lzYJYlksk4PTupW+nfpSgTxT2Y6Fn/0xLGh://4e5S09lzYJYlksk4PTylBVTxTsxDh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource abd517cc80f489ef9a32a5f423118912_JaffaCakes118
Files
abd517cc80f489ef9a32a5f423118912_JaffaCakes118.sys windows:6 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Sections
.text Size: 738KB - Virtual size: 738KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 356KB - Virtual size: 356KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ