C:\bld_area\EraserTrunk\src\bin\x64.Release\amd64\eraser64.pdb
Static task
static1
1 signatures
General
-
Target
b8c3ef0497de79446a0bb4a8b242a8c2_JaffaCakes118
-
Size
64KB
-
MD5
b8c3ef0497de79446a0bb4a8b242a8c2
-
SHA1
7bbaf13751ff53f945ed87b2344131a7862d2d91
-
SHA256
8bb2546c2dda690d3540d78ce745a99b335882ef2dc48a7474580006d9cfaf79
-
SHA512
1e84bc37c60135afa00e202613d433467dafbeee40d72eb0ff1a3bc23266785d811a54e6879894ee79e9f884e7b027e5fb213001563764bcf7f05ad29e5cde11
-
SSDEEP
1536:Ef58g47dUcKS7pz1E9Dvd8keYzQtS6LygPWyTIz/8m7qewL3:EBqxUc1E9iYEtSeTm8hp
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b8c3ef0497de79446a0bb4a8b242a8c2_JaffaCakes118
Files
-
b8c3ef0497de79446a0bb4a8b242a8c2_JaffaCakes118.sys windows:6 windows x64 arch:x64
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Sections
.rdata Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.npdata Size: 1024B - Virtual size: 728B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PAGE Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
PAGEtext Size: 97KB - Virtual size: 96KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
PAGEdata Size: 512B - Virtual size: 1012B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1016B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ