C:\Users\Administrator\Desktop\Client\Temp\pZbVJYaTKI\src\obj\x86\Debug\GetEnumeratord.pdb
Static task
static1
Behavioral task
behavioral1
Sample
5d054d358e94c8b282b9c0e6ba2185c9_JaffaCakes118.exe
Resource
win7-20240221-en
General
-
Target
5d054d358e94c8b282b9c0e6ba2185c9_JaffaCakes118
-
Size
550KB
-
MD5
5d054d358e94c8b282b9c0e6ba2185c9
-
SHA1
069c96d4a9fb1ed9eaf6acc8b5b410803b38b8de
-
SHA256
c53c1098e4621c2258d13bd6c36d95493343129c5846f6c0ca07c12565da843d
-
SHA512
029518b8bf359508c02c5e0b1d108210549131ef25ec515c42cb09b2957b129fe83d5b0dfcc9a6a7436ef821145cec85ce0a9c9385eee1ffd809ef7c599aacfa
-
SSDEEP
12288:fSNB3UxOvePX94GhfHxzWorVKcaJQocYnKrnSO:4ixTPX94YPrVKcaCochS
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 5d054d358e94c8b282b9c0e6ba2185c9_JaffaCakes118
Files
-
5d054d358e94c8b282b9c0e6ba2185c9_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 370KB - Virtual size: 370KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 179KB - Virtual size: 178KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ