C:\xampp\htdocs\Aspire\files\syscore_NKvQFClSbBXRkAev\NKvQFClSbBXRkAev_packed.pdb
Static task
static1
Behavioral task
behavioral1
Sample
20ff5927d308640388a6e252a6066a2e_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
20ff5927d308640388a6e252a6066a2e_JaffaCakes118.exe
Resource
win10v2004-20240419-en
General
-
Target
20ff5927d308640388a6e252a6066a2e_JaffaCakes118
-
Size
1.9MB
-
MD5
20ff5927d308640388a6e252a6066a2e
-
SHA1
212ed4df30ad278d89a93e7e08b00c8b21ee4891
-
SHA256
4009d69cf8684f905d1ebb5f4232ccb32a712f5475d8b8e64b3a9a9601ccd9bc
-
SHA512
81fe4eb0bb457c667f063a7255740a34d884949a9ea8b3bc8337b1dd29915205c2de640e88fc3541257895d1016e057e7ce6fc78c03c0bd334835f6b688868c7
-
SSDEEP
49152:1XkWgQct1Y85jtoenfyZKf5d4/e3d3P/oGeBklohMq3HS7fprkHieQjJ3i7bfm3H:1XZ7czY85hliUf
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 20ff5927d308640388a6e252a6066a2e_JaffaCakes118
Files
-
20ff5927d308640388a6e252a6066a2e_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ