C:\xampp\htdocs\Aspire\files\johnclark12_ttNLFfyJYJNWsxmE\ttNLFfyJYJNWsxmEma.pdb
Static task
static1
Behavioral task
behavioral1
Sample
6d376f79e076fe8e311efac7bbc5499a_JaffaCakes118.exe
Resource
win7-20240215-en
General
-
Target
6d376f79e076fe8e311efac7bbc5499a_JaffaCakes118
-
Size
410KB
-
MD5
6d376f79e076fe8e311efac7bbc5499a
-
SHA1
2193c942e7d02b4627aa0802fb0107dba9b0068f
-
SHA256
1bd1c6bae8d74df3a44a814fa9f81f1988334317602c2d5f6d468617a14817ed
-
SHA512
c122aee705ae255855eacf61043969990e33fdeb7188356432e67bea2b1b983c485dd3b4a426bded895d4837785687242a5a3c242e2a45fe31abe05accfbd937
-
SSDEEP
12288:z4/ucsCfrLEnFHncFQhNe0GM1s65FHbLiSvU6Oui4am3YaCYmO2VdjVTfPKkD0Qs:z4/uY4nlcWNe0KOg2
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 6d376f79e076fe8e311efac7bbc5499a_JaffaCakes118
Files
-
6d376f79e076fe8e311efac7bbc5499a_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 67KB - Virtual size: 66KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 342KB - Virtual size: 342KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ