t:\ppt\x86\ship\0\ppcnvcom.pdb
Static task
static1
Behavioral task
behavioral1
Sample
28311b48c70e09769d15dbe8046e6914_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
28311b48c70e09769d15dbe8046e6914_JaffaCakes118.exe
Resource
win10v2004-20240426-en
General
-
Target
28311b48c70e09769d15dbe8046e6914_JaffaCakes118
-
Size
244KB
-
MD5
28311b48c70e09769d15dbe8046e6914
-
SHA1
582f540a44236aff0cb2c9bab50a94cfbd9b5fbf
-
SHA256
150e834c806b4650899a4710f5fe9a61a101a8b33a8b9ab1d5596564f8fa4958
-
SHA512
96ee94a16d5aa558201eba208c8d1dcf6b39aa6dfddc63c3cdc003c5f4e2e46ea6ea1b41ee47d7ef726faa81995bc694648968987df4c1158507ddfd57aa6511
-
SSDEEP
3072:UuMetFUKzf/2OpWDcZNbmy/EFTyL5CKgGZTKwIpNRbAPTOuyYzBM6x9qJgVdNx7x:V1/2OpWwxGui6K//RbAbNS6x5d/nbJ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 28311b48c70e09769d15dbe8046e6914_JaffaCakes118
Files
-
28311b48c70e09769d15dbe8046e6914_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Sections
.text Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.mjg Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE