C:\Users\RED\source\repos\WindowsFormsApp1\WindowsFormsApp1\obj\Debug\WindowsFormsApp1.pdb
Static task
static1
Behavioral task
behavioral1
Sample
edcfec04d359001fe05e4c926eef84d8_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
edcfec04d359001fe05e4c926eef84d8_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
-
Target
edcfec04d359001fe05e4c926eef84d8_JaffaCakes118
-
Size
442KB
-
MD5
edcfec04d359001fe05e4c926eef84d8
-
SHA1
10aff36567d25df6924adb595006a164b88d780b
-
SHA256
36a1bea948304d1993d6eae96a1e22bc6f6964d13083f74c2c5ddde67cc68875
-
SHA512
eeb9a84358e90b0bf9e81e2e2f60cb9dd77ed86b5bf5ce85604d400b40b6eef7be3330f30128dbd1cf920694f83eff8225166b2276c9611352b1fcf7deb1d31a
-
SSDEEP
6144:7Y4iqEUI07K8x6ZgdkZ3GVtG8gtUZl21R:0qEUZe8x5dhetUZg
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource edcfec04d359001fe05e4c926eef84d8_JaffaCakes118
Files
-
edcfec04d359001fe05e4c926eef84d8_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 316KB - Virtual size: 315KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 125KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ