PDB path: e:\driverex\i386\Driver.pdb
Static task
static1
General
-
Target
dd3b8a61886546c8602d095dfb1d42bd_JaffaCakes118
-
Size
3KB
-
MD5
dd3b8a61886546c8602d095dfb1d42bd
-
SHA1
1738459a22104bc2119c5740ab7834e072bfd4f7
-
SHA256
6748e4da2e10b04872a99ca162b274e948ca760a8419b97a0913f506b0d32555
-
SHA512
1182e55334c441ac70c8a02f452d07d42a8327266d4436ed0e3a3b8c56d26b59bf6636655ce5bba8e756c85bf7f3b9a0cc62244457c669be3179252cb26656e0
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature; the file listed below carries no embedded signature.
resource dd3b8a61886546c8602d095dfb1d42bd_JaffaCakes118
Files
-
dd3b8a61886546c8602d095dfb1d42bd_JaffaCakes118.sys windows:5 windows x86 arch:x86
d5d09f3843b4289fdefe7346f48606be
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
IofCompleteRequest
IoDeleteDevice
IoDeleteSymbolicLink
IoFreeMdl
MmUnmapLockedPages
MmMapLockedPages
MmBuildMdlForNonPagedPool
MmCreateMdl
ZwTerminateProcess
ExFreePoolWithTag
KeServiceDescriptorTable
ObfDereferenceObject
KeInsertQueueApc
KeInitializeApc
ExAllocatePoolWithTag
ObReferenceObjectByPointer
PsThreadType
PsLookupThreadByThreadId
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
DbgPrint
KeTickCount
KeBugCheckEx
Sections
.text Size: 896B - Virtual size: 812B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 192B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 768B - Virtual size: 728B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 256B - Virtual size: 140B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ