C:\Users\Adrian1980\Documents\Visual Studio 2008\Projects\e.m.p.t.y\e.m.p.t.y\obj\Release\dfe3w.pdb
Static task
static1
Behavioral task
behavioral1
Sample
798468b9884fa68c144d76cb14af5452_JaffaCakes118.exe
Resource
win7-20240705-en
General
-
Target
798468b9884fa68c144d76cb14af5452_JaffaCakes118
-
Size
347KB
-
MD5
798468b9884fa68c144d76cb14af5452
-
SHA1
4d3478dd604550433fb49789413fef732e1c9bd9
-
SHA256
de35703e31df9bd7807246d268ab683293c275d8524569ce1de6f8de1338cc6c
-
SHA512
48b1d7ec6d03bdade45f265707360e40b46d97ca93570bbd08afe52624a5c9417cce6f6cc5cc4b4c66b8259aeaf9ae750aeb9e02e29863b504f14913bfbaecfc
-
SSDEEP
6144:nFtTlXtdNCMHeSPBI2MkKEzQ8ipVND+XfP9Vtx0G0SBTG+ANFxdzektnwr7tQV/7:nxX7NCAvI2MvEz8pD+XfP9VgSBTQ3xNR
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 798468b9884fa68c144d76cb14af5452_JaffaCakes118
Files
-
798468b9884fa68c144d76cb14af5452_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 53KB - Virtual size: 53KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.sdata Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 291KB - Virtual size: 291KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ