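PDB path (debug-symbol path embedded in the binary at build time; the `objfre\i386` components resemble the output layout of a Windows DDK free/release x86 build): J:\gbzinho\objfre\i386\Driver.pdb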
Static task
static1
General
-
Target
c29ae054c43ac8976f0355e3c750c355_JaffaCakes118
-
Size
4KB
-
MD5
c29ae054c43ac8976f0355e3c750c355
-
SHA1
1b14e4126635f8625ab5c41f563b9b8fcc4e3510
-
SHA256
e3df3d1db8700dac85b2302d4ee4d31c483dceda97d80b92bb729c9a367e7bec
-
SHA512
98f17ace5069ce2e192c189876c43cfdf97f4e919cdf4496b8fb95967cc09e1e7dade21ed5d477b670da6d5d2a42319c245dbaba40686f352c65539d0aa0dd17
-
SSDEEP
96:e7NbVkMBaHqyfNT8IRr3zwR12Nust6d0TtN:m2jY128s4O
Malware Config
Signatures
-
Unsigned PE 1 IoCs
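Checks for missing Authenticode signature. The sample is an x86 kernel driver (.sys, see Files). 32-bit Windows has historically not enforced kernel-mode driver signing at load time, so the missing signature should not be assumed to prevent this driver from loading.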
resource c29ae054c43ac8976f0355e3c750c355_JaffaCakes118
Files
-
c29ae054c43ac8976f0355e3c750c355_JaffaCakes118.sys windows:5 windows x86 arch:x86
4edfd276e71f47012f7caa2851028913
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
IofCompleteRequest
ZwDeleteFile
RtlInitUnicodeString
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 102B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 132B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 76B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ