C:\Users\Adrian1980\Documents\Visual Studio 2008\Projects\e.m.p.t.y\e.m.p.t.y\obj\Release\dfe3w.pdb
Static task
static1
Behavioral task
behavioral1
Sample
14f204348c8a1092929f8de9140a61fc_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
14f204348c8a1092929f8de9140a61fc_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
14f204348c8a1092929f8de9140a61fc_JaffaCakes118
-
Size
341KB
-
MD5
14f204348c8a1092929f8de9140a61fc
-
SHA1
2dd400491f442384bad0a653d16a32b4890bfc88
-
SHA256
44c4b503e0e057900c9480c6db018d3a4fd36a963bc573ed9cdeffe8d9254d70
-
SHA512
49e9769fe5ab587baa8c5ba9c71712fb86b324fd1676057ac87e8009ae9728e672de8c92cd10dd190b39b5de353cfe1186c460ff572f4b53ffa21df1ac44f9fa
-
SSDEEP
6144:hFtTlXtdNCMHjDIlqePRJSnteu0tGPJd4Q1FDea7ID5HCFJOZ/FrOFg:BxX7NCAjjePRkouFP8gpfJOZ9a
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 14f204348c8a1092929f8de9140a61fc_JaffaCakes118
Files
-
14f204348c8a1092929f8de9140a61fc_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 53KB - Virtual size: 53KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.sdata Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 286KB - Virtual size: 285KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ