XpsRchVw.pdb
Static task
static1
Behavioral task
behavioral1
Sample
281aa29b5dc191775fa2d23bf9edc981_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
281aa29b5dc191775fa2d23bf9edc981_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
281aa29b5dc191775fa2d23bf9edc981_JaffaCakes118
-
Size
4.6MB
-
MD5
281aa29b5dc191775fa2d23bf9edc981
-
SHA1
028bf0a743c28ce491a4dcc58df196a1b22471ee
-
SHA256
812a3c278c16069b7c142732d04806183bfe6530edde4d6267187f953d51670c
-
SHA512
a408e7d9b42a3165c4eb33f4c2062881d85d7c6d2c9f44ffa20c34241ad3ba45f00916421d5d028ffe4386f9788dbe66d8a696b47e12d63e22b68df407dc997a
-
SSDEEP
98304:AD3rTq8l6qT+ubIGSL8u6uySoN4H/xBFPf0p5ZPeZAQtG58Jp9I:CrGZ0Za8DuySuIxBFPy5ZPeZATiI
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 281aa29b5dc191775fa2d23bf9edc981_JaffaCakes118
Files
-
281aa29b5dc191775fa2d23bf9edc981_JaffaCakes118.exe windows:6 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Sections
.text Size: 4.1MB - Virtual size: 4.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 51KB - Virtual size: 131KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 66KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 240KB - Virtual size: 240KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.oli Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE