c:\xampp\htdocs\crypting\MrmsRueKNRXFWZCo\9SOGKZEIAhIf0d5t.pdb
Static task
static1
Behavioral task
behavioral1
Sample
36db1e26a1a79efc953e56ab8f4956c4_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
36db1e26a1a79efc953e56ab8f4956c4_JaffaCakes118.exe
Resource
win10v2004-20240426-en
General
-
Target
36db1e26a1a79efc953e56ab8f4956c4_JaffaCakes118
-
Size
1.1MB
-
MD5
36db1e26a1a79efc953e56ab8f4956c4
-
SHA1
09f7a2f2148b5be0c96fc43928751ebd9deee935
-
SHA256
ea927b1ad0a23078d15f4789b2e2dc4956315725538b2e52410b5b3e1f4a1b33
-
SHA512
fadd5f519c245a8bb7594c297123ec10d30ded76f8fedc90525d7eadf0a7d2db7bba9d221b8f11847abb82a59d25300965a5709ea6ed074e303812153abcb2ab
-
SSDEEP
12288:YhAI2pfi6HXuWSuACYMS0OHDYG7sYoH5trz7jhzunzYmAi1zWlY+oMk+y3NhyO6:YhjAK6HzSN/MS0tZJ66
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 36db1e26a1a79efc953e56ab8f4956c4_JaffaCakes118
Files
-
36db1e26a1a79efc953e56ab8f4956c4_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 599KB - Virtual size: 598KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 379KB - Virtual size: 379KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ