pdb.pdb
Static task
static1
Behavioral task
behavioral1
Sample
5ccc448735a335fa63bb3efe61221f24_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
5ccc448735a335fa63bb3efe61221f24_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
5ccc448735a335fa63bb3efe61221f24_JaffaCakes118
-
Size
90KB
-
MD5
5ccc448735a335fa63bb3efe61221f24
-
SHA1
a661dbf2020bdf70989c6942fe981279eaa6f396
-
SHA256
19a8f005b0fd62d952c320d513486778a0cf317c8f8c47821f5b8c873e1a28d1
-
SHA512
18f7e54c66bcec4caede88452528ff7934a5c000c1e6f38de9001454f2f70239b7da2c1bff11c1ba0d35586f95838bb523813fc76fe01bf548f31f8edc0069ee
-
SSDEEP
1536:n+/6CJ99Fumx/Lhq0q+lS2Nmg49yzw0P2KgMSSFAIe:nN+90mx/Lhqs4k0w4SFA
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5ccc448735a335fa63bb3efe61221f24_JaffaCakes118
Files
-
5ccc448735a335fa63bb3efe61221f24_JaffaCakes118.exe windows:4 windows x86 arch:x86
28a105013b778a397906b8120bf02776
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetProcessHeap
HeapFree
HeapCompact
HeapAlloc
msvcrt
memset
Sections
.text Size: 56KB - Virtual size: 53KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 428B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ