rYfqwb.pdb
Static task
static1
Behavioral task
behavioral1
Sample
fd032e026a2d0dc8f80370acf62e120c4a04fb1fd46318839f162f1949ad0edf_JaffaCakes118.exe
Resource
win7-20240221-en
General
-
Target
fd032e026a2d0dc8f80370acf62e120c4a04fb1fd46318839f162f1949ad0edf_JaffaCakes118
-
Size
867KB
-
MD5
86f59231b4d4b92d9d41a16a142380fe
-
SHA1
3bbadc59af1d5358c0565eadc51ce777d47a0dda
-
SHA256
fd032e026a2d0dc8f80370acf62e120c4a04fb1fd46318839f162f1949ad0edf
-
SHA512
1b98f0c970819f7a1f5fb2b8566b4b0c0abb126b747f092f90587189f345a5d3672446b1e762752c3ffcdd0b2f92f28bcb2538e8e14af5abd2b5013a1a0bcaff
-
SSDEEP
12288:gU6HguXUVUAfIOsgKwDV+nm5vc19ApsWSyO7rbdTrcL/SIIcM8zh:EgzQwB8mhMtV5g8z8zh
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource fd032e026a2d0dc8f80370acf62e120c4a04fb1fd46318839f162f1949ad0edf_JaffaCakes118
Files
-
fd032e026a2d0dc8f80370acf62e120c4a04fb1fd46318839f162f1949ad0edf_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 864KB - Virtual size: 863KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ