E:\work\SVN_QQSpeed2010_proj\tools\QQSpeedRepairer\down_daemon\Release\QQSpeedRepairer.pdb
Static task
static1
Behavioral task
behavioral1
Sample
c02a0c7cb72d1ac82676ee31161d8083_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c02a0c7cb72d1ac82676ee31161d8083_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
c02a0c7cb72d1ac82676ee31161d8083_JaffaCakes118
-
Size
413KB
-
MD5
c02a0c7cb72d1ac82676ee31161d8083
-
SHA1
22e9d8e7902ae45754b5e73c776ba3cf667e8d35
-
SHA256
0cdce581e17e9e4e82ef4de7711ac348f3c80a54839af38a70ffe9c2f09c9155
-
SHA512
f9f884ac7d830da2ee146ae75d8f0d3dabfa3f95d64c62c0477c16db903bb0b231dc9054aa8a03b60703414c0fef63de631d3726d3fe0cefe4e6a6de2eff5eeb
-
SSDEEP
6144:HVbvz3lCSPrr4qRTFa9N+nGm8p/shDA+T7WNO6oAkgmsH3z:HVbvzVPgqiIn9A95otgRz
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c02a0c7cb72d1ac82676ee31161d8083_JaffaCakes118
Files
-
c02a0c7cb72d1ac82676ee31161d8083_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Sections
.text Size: 156KB - Virtual size: 155KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.oli Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE