wextract.pdb
Static task
static1
Behavioral task
behavioral1
Sample
391c523d515004fc051ea21ac1dcdd44_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
391c523d515004fc051ea21ac1dcdd44_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
391c523d515004fc051ea21ac1dcdd44_JaffaCakes118
-
Size
26KB
-
MD5
391c523d515004fc051ea21ac1dcdd44
-
SHA1
95d80b3583e05f1b26c534ed948374362afc4d84
-
SHA256
1928941376ca096cfc0a50a03208f4ce2bb4ed85807894d049a62f5d52b271b5
-
SHA512
8ad137ec3a03f72ebc959f5dc68aa15d43f5149201d2ef70064d0c368fdf69890f77bbf2dbaad9cc5406cb358ba795a18d0c98ed9f750cb564f094d0d538c0e5
-
SSDEEP
768:RAljE5n8/bn+Kwhlr8HnxhW5sk1jtf2vfv6E:H5neEhlcTW5sk1jtf2Xvn
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 391c523d515004fc051ea21ac1dcdd44_JaffaCakes118
Files
-
391c523d515004fc051ea21ac1dcdd44_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Sections
.text Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ