e:\svn\xmp\xmp5\4.9.15\Symbols\productrelease\Other\xmp\pdb\xmp.pdb
Static task
static1
Behavioral task
behavioral1
Sample
0be6667113a6b121a44fa6233ec506e2_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
0be6667113a6b121a44fa6233ec506e2_JaffaCakes118.exe
Resource
win10v2004-20240419-en
General
-
Target
0be6667113a6b121a44fa6233ec506e2_JaffaCakes118
-
Size
420KB
-
MD5
0be6667113a6b121a44fa6233ec506e2
-
SHA1
05d6b61e19de2b8a4410126c18e16f5a84cbb3dd
-
SHA256
23a849f70478e77b579ea78d89532e8e4b313d32c41f839b5edc61e35c19e84f
-
SHA512
fd52d74280ab380f4588887879e9f50f8adcf8dcb646d585c80fb46085872ba0e255312b7656dbab142436355d74f797ca4bdbcb9c71a360d82f33cb083c95a7
-
SSDEEP
12288:Qeobe8BSObEOve4xHyJYqbiavFGgTp22fzzClFuBz:kS4zyJYqRFGQE2PC7q
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0be6667113a6b121a44fa6233ec506e2_JaffaCakes118
Files
-
0be6667113a6b121a44fa6233ec506e2_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Sections
.text Size: 157KB - Virtual size: 157KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 2KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vsp Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE