wh@##weh.Pdb
Static task
static1
Behavioral task
behavioral1
Sample
6b055a631f1770dcfc2d50dfa6b36786_JaffaCakes118.exe
Resource
win7-20240419-en
General
Target
6b055a631f1770dcfc2d50dfa6b36786_JaffaCakes118
Size
828KB
MD5
6b055a631f1770dcfc2d50dfa6b36786
SHA1
9ce44107908dbddf1e1139ff8ff8d86ff3f5e8bb
SHA256
2645cc7bfde1325875b5fa2dab3c807da5bd75d171d88ebecbee17c311f6b31e
SHA512
aa3ca58be89672c0ddcc46dd7fad15e8240a42c0a69bf8b72cfe95f195b41965617b3022f3b1a176107452ff5e7412114a4b902f282d540186fad65245893ff3
SSDEEP
3072:yCX7HYtV7eTDakBi2+PUFvw9qRBtHdp7R:yCX74tV7yDakBucFD3
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 6b055a631f1770dcfc2d50dfa6b36786_JaffaCakes118
Files
6b055a631f1770dcfc2d50dfa6b36786_JaffaCakes118.exe windows:5 windows x86 arch:x86
cc4e4903217787a67036a221a0435e8a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
opengl32
glEvalMesh1
mscms
UninstallColorProfileW
kernel32
GetModuleHandleA
GetNLSVersion
SetConsoleCursorInfo
InitializeSListHead
GetSystemRegistryQuota
oleaut32
SysStringLen
user32
GetSubMenu
CallWindowProcA
UserHandleGrantAccess
CreateCaret
GetCaretBlinkTime
ntdll
wcstol
memset
gdi32
GetTextFaceA
AngleArc
GetWindowExtEx
DeleteObject
shlwapi
StrTrimA
Sections
.text Size: 48KB - Virtual size: 45KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 4KB - Virtual size: 832B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 744KB - Virtual size: 742KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 456B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ