z:\autobuilder\builds\800pro_figs\Sync.ini\Common\Sync\Release\Sync.pdb
Static task
static1
Behavioral task
behavioral1
Sample
3ea09bb5b47a7e7dd88ae7a01ba48ee4_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
3ea09bb5b47a7e7dd88ae7a01ba48ee4_JaffaCakes118.exe
Resource
win10v2004-20240426-en
General
-
Target
3ea09bb5b47a7e7dd88ae7a01ba48ee4_JaffaCakes118
-
Size
469KB
-
MD5
3ea09bb5b47a7e7dd88ae7a01ba48ee4
-
SHA1
eb01c151225c699d0122cf3cbbf2808c190e36c7
-
SHA256
23d09307ae079c2f2c1519e3e8df5f02faead44914b990cdab749519a9a8bca2
-
SHA512
88308a9764baf50337863c009fe088d9ca02e2df81e2ef5bea940189fd80995dcc8fab2edd1ecd0e95f136cdb6adcdfee6a9e897f6182894857bab44d5747ae0
-
SSDEEP
12288:KHPy7OCX0K0GJMFtJjYu2gX/cwzD3vXM9GcHU:K67OI0K0GktpYul/TzD/X3c0
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3ea09bb5b47a7e7dd88ae7a01ba48ee4_JaffaCakes118
Files
-
3ea09bb5b47a7e7dd88ae7a01ba48ee4_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Sections
.text Size: 168KB - Virtual size: 165KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 44KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 64KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tqn Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE