e1e6032.pdb
Static task
static1
General
-
Target
0dadfde638df3ccc24e003dd58ab357e_JaffaCakes118
-
Size
215KB
-
MD5
0dadfde638df3ccc24e003dd58ab357e
-
SHA1
94fb574995524e9383df3148608a9d9af915d7a4
-
SHA256
46141336816c073ad011c1e48da9f3a29e814804647381ce96ed85aac6f60260
-
SHA512
cfdb177077c55fde70abd1e2ba495e6efeeb49c9daaf5d3402061d770f2de37b43e1c0559b6dbeb1e4e8190d30b85ab98aeb8aa5e217723221872ac3615d9a20
-
SSDEEP
3072:gXHq6Yumf6TG4AQJP/5eUww3vz5sqOV1yGMR3UxmvaWxqTH2PhdbQ48g33TwS:gXK6YXO8w3vzw5M5XaWxqdhg
Malware Config
Signatures
-
Unsigned PE (1 IoC)
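Static check: the PE file has no Authenticode signature. This is the analysis tool's finding about the file, not an action performed by the sample; a missing signature on its own is a weak indicator and should be weighed with the rest of the report.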
resource 0dadfde638df3ccc24e003dd58ab357e_JaffaCakes118
Files
-
0dadfde638df3ccc24e003dd58ab357e_JaffaCakes118.sys windows:6 windows x86 arch:x86
d8e32c3a7715a32a4d5b3a2b150d4c17
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
KeBugCheckEx
RtlCopyUnicodeString
RtlAppendUnicodeStringToString
IofCompleteRequest
ZwOpenFile
MmLockPagableDataSection
MmUnlockPagableImageSection
KeQueryActiveProcessors
_allmul
KeTickCount
KeQueryTimeIncrement
RtlCompareMemory
RtlInitUnicodeString
ZwClose
memset
KefAcquireSpinLockAtDpcLevel
KefReleaseSpinLockFromDpcLevel
memcpy
MmMapLockedPagesSpecifyCache
_alldiv
KeQuerySystemTime
hal
WRITE_PORT_ULONG
WRITE_PORT_UCHAR
KeStallExecutionProcessor
KeRaiseIrqlToDpcLevel
KfReleaseSpinLock
KfAcquireSpinLock
KeGetCurrentIrql
KfRaiseIrql
KfLowerIrql
ndis.sys
NdisMMapIoSpace
NdisMRegisterIoPortRange
NdisMGetBusData
NdisMSetBusData
NdisReadConfiguration
NdisMDeregisterIoPortRange
NdisMRegisterMiniportDriver
NdisOpenConfigurationEx
NdisReadNetworkAddress
NdisMInitializeTimer
NdisAllocateMemoryWithTagPriority
NdisFreeMemory
NdisResetEvent
NdisInitializeReadWriteLock
NdisDeregisterDeviceEx
NdisReleaseReadWriteLock
NdisAcquireReadWriteLock
NdisAllocateMemoryWithTag
NdisRegisterDeviceEx
NdisMSetPeriodicTimer
NdisMSynchronizeWithInterruptEx
NdisMIndicateStatusEx
NdisMUnmapIoSpace
NdisFreeNetBufferList
NdisMSendNetBufferListsComplete
NdisMFreeNetBufferSGList
NdisMSleep
NdisMAllocateNetBufferSGList
NdisMFreeSharedMemory
NdisMAllocateSharedMemory
NdisAllocateNetBufferListPool
NdisAllocateNetBufferAndNetBufferList
NdisFreeMdl
NdisFreeNetBufferListPool
NdisFreeNetBufferPool
NdisAllocateMdl
NdisMIndicateReceiveNetBufferLists
NdisMRegisterInterruptEx
NdisMRegisterScatterGatherDma
NdisSetTimer
NdisMSetMiniportAttributes
NdisGetProcessorInformation
NdisSystemProcessorCount
NdisSetOptionalHandlers
NdisMDeregisterMiniportDriver
NdisMDeregisterScatterGatherDma
NdisCloseConfiguration
NdisMDeregisterInterruptEx
NdisWaitEvent
NdisMCancelTimer
NdisWriteErrorLogEntry
NdisMResetComplete
NdisSetEvent
NdisInitializeEvent
Sections
.text Size: 166KB - Virtual size: 166KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PAGE Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ