c:\Sims2\Utils\Installer\source\VP6Installer\Release\vp6install.pdb
Static task
static1
Behavioral task
behavioral1
Sample
34d6189b73f897d34c77777ad613b08c_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
34d6189b73f897d34c77777ad613b08c_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
34d6189b73f897d34c77777ad613b08c_JaffaCakes118
-
Size
195KB
-
MD5
34d6189b73f897d34c77777ad613b08c
-
SHA1
9ff51e6da04adb32284e36065a31744b7c4b840b
-
SHA256
00515c1f7125ab89ea5afe71636a7d68101d7ea3c7a264802ab3c879f3f3a66a
-
SHA512
d778f9928fd72c26a76b3465e1c0fbd374c1f36e2529652f558044c874f6b838b4e2f764b3ed2861bb706646638b8cbe06e763cb443ad83003736e6d763dc1af
-
SSDEEP
3072:Ak/Rkjlun6l6D8vUhQHD42Hkb4++Td16P8rywv7tl/ox1lRJCA:AIkY6lSm82Ht+wHQx3HCA
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 34d6189b73f897d34c77777ad613b08c_JaffaCakes118
Files
-
34d6189b73f897d34c77777ad613b08c_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Sections
.text Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1024B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.mjg Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE