c:\hidecmp\objfre_wxp_x86\i386\ROOT_DRIVER.pdb
Static task
static1
General
Target
b0fccd9b37abc83128830d1f7c5024ae_JaffaCakes118
Size
7KB
MD5
b0fccd9b37abc83128830d1f7c5024ae
SHA1
dc037a50bd8b3e4fcf5edfff0c7538fa36c48ba2
SHA256
63b824356ad113d53c35b546b5bbff8524571b20009807ef68a8f10554edfc77
SHA512
83e697b36b6cce99eff5a71999823e227f3127527e1f596d375e1c4ff5a82ca72880ba0b82edd3fc03fb056433432b0eefe71982182bbf3e23f9ae0e1e25dad4
SSDEEP
96:veezxMuub0xNZzDUrJudh7Jcf1jWogIynP/AAGsxFfrp5CxE:vbx5z/UFAtw1jxgIynP/7Ffee
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource b0fccd9b37abc83128830d1f7c5024ae_JaffaCakes118
Files
b0fccd9b37abc83128830d1f7c5024ae_JaffaCakes118.sys windows:6 windows x86 arch:x86
f38e7bc2b394411c8d61b17a5db90d67
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
IoDeleteDevice
IoDeleteSymbolicLink
DbgPrint
ZwSetValueKey
ZwDeleteKey
ZwDeleteValueKey
ZwSetInformationFile
ZwTerminateProcess
ExFreePoolWithTag
RtlFreeAnsiString
strstr
RtlInitAnsiString
RtlUnicodeStringToAnsiString
sprintf
ExAllocatePool
ZwQueryInformationProcess
RtlInitUnicodeString
ZwQueryInformationFile
ZwClose
ZwOpenKey
ZwQueryKey
ObfDereferenceObject
ObReferenceObjectByName
IoDriverObjectType
MmMapLockedPages
MmBuildMdlForNonPagedPool
MmCreateMdl
KeServiceDescriptorTable
IoCreateSymbolicLink
IoCreateDevice
KeTickCount
RtlUnwind
KeBugCheckEx
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 640B - Virtual size: 548B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 256B - Virtual size: 132B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 1024B - Virtual size: 910B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 470B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ