c:\iuashdiuashd\objfre_wxp_x86\i386\msnone.pdb
Static task
static1
1 signatures
General
-
Target
abdb1b150e2f280ba6b0ec0f00d6bd52_JaffaCakes118
-
Size
12KB
-
MD5
abdb1b150e2f280ba6b0ec0f00d6bd52
-
SHA1
14be47885c99e54bcf78a54fad4f19a591dc5428
-
SHA256
b4787e12dec4acbde677dc3d098cfda4018dfbb72996dd54345c66d9ab1befdc
-
SHA512
ca2ba88aa1800705233b68e0481fc4121cee61ba4fbf2a3c39ead593091a27d21eaa1778e7d6165e15704d8c151b3c7c2d6357fb0763010d6c1cbe304bfa36bb
-
SSDEEP
192:/3s6ks+XsWPIIUs4spyj9/JNEE9mhl2z4riwgNXXB+Loa89:f2RCp/NE8mhAz8iFNnB+L/89
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource abdb1b150e2f280ba6b0ec0f00d6bd52_JaffaCakes118
Files
-
abdb1b150e2f280ba6b0ec0f00d6bd52_JaffaCakes118.sys windows:5 windows x86 arch:x86
839504a3b3e7f0c6f906b22a2933a8e3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
IofCompleteRequest
ZwDeleteFile
KeTickCount
RtlInitUnicodeString
Sections
.text Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 131B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 256B - Virtual size: 226B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 256B - Virtual size: 190B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ