D:\sys\i386\RESSDT.pdb
Static task
static1
1 signatures
General
-
Target
df53aaaab1cdff66555eb2ae19443bfa_JaffaCakes118
-
Size
2KB
-
MD5
df53aaaab1cdff66555eb2ae19443bfa
-
SHA1
b14e3b612e06e84cee2225bb8e7040014a4c07c3
-
SHA256
89a3a0bcfbb78e1a116d93d0c34b476b1280cc96585e0d860f59736394c96a64
-
SHA512
774599f2ef44962b79d850679f1ab8a745d635af01b59a3f3c88279b195d32c8b900545a4f3b1ea5373b175dee98b9c31d54f142a9ae0ef8e4f33a206af668ce
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource df53aaaab1cdff66555eb2ae19443bfa_JaffaCakes118
Files
-
df53aaaab1cdff66555eb2ae19443bfa_JaffaCakes118.sys windows:5 windows x86 arch:x86
ed773151d3fa6f43177d3c089dc0b564
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
IofCompleteRequest
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
IoDeleteDevice
IoDeleteSymbolicLink
KeServiceDescriptorTable
ProbeForWrite
ProbeForRead
_except_handler3
Sections
.text Size: 768B - Virtual size: 724B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 139B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 384B - Virtual size: 308B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 90B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ