C:\VICE\migbot\migdriver\objchk_w2k\i386\MIGBOT.pdb
Static task
static1
1 signatures
General
-
Target
c816b1cbc8ae0d0b72ee05c217a7b9c0_JaffaCakes118
-
Size
3KB
-
MD5
c816b1cbc8ae0d0b72ee05c217a7b9c0
-
SHA1
b07e17f496b957b5a892ad5adb71fb3236d2c45a
-
SHA256
34c46d42defc8e8cd6d0406a0d943c3ae65b139ea2764d0ae136ff8b35bbb314
-
SHA512
8e415940d6195a67aa7f948178fdf0589a1bb0737bba3f9c10260bc60964518c2a3ca30672dc4ed7884c8004fce4bf00597342219198ed288e4f36b1bd596d48
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c816b1cbc8ae0d0b72ee05c217a7b9c0_JaffaCakes118
Files
-
c816b1cbc8ae0d0b72ee05c217a7b9c0_JaffaCakes118.sys windows:5 windows x86 arch:x86
f1ebfdb5184c8fb36636e611d243e6ff
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
NtDeviceIoControlFile
SeAccessCheck
ExAllocatePoolWithTag
DbgPrint
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 136B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 150B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 50B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ