PDB path: C:\Users\Administrator\Desktop\Client\Temp\XYoNjaOreK\src\obj\x86\Debug\MvAG4.pdb
Static task
static1
Behavioral task
behavioral1
Sample
89b0625b0fcefeedb72f401a1ae9fba4f0b11f1f78c4b64b468a4e14177da79e.exe
Resource
win7-20240903-en
General
Target: JaffaCakes118_6f9657a69e2efd42ae0357b15bd8b4ed82abea6c080d27a2e4104db1abbcc61c
Size: 431KB
MD5: 3dbfebdf1a9bb3dd6034e8d2781e0a0e
SHA1: e99211a5f1646b22458e23dc991043077a281f39
SHA256: 6f9657a69e2efd42ae0357b15bd8b4ed82abea6c080d27a2e4104db1abbcc61c
SHA512: 05fb783db4d2cc64c29be7729d356c0ddfb4341f859ac5be0269043b0831e2974008fd1bc52d4764619c28c3d08d225d13b47e62e1dd885c6c87fb2035014417
SSDEEP: 12288:/2Bzc0szifJfm9N7ew4vMHhOsqb3O3W505Ct:n+fJ8JkuhOr7OmRt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/89b0625b0fcefeedb72f401a1ae9fba4f0b11f1f78c4b64b468a4e14177da79e
Files
JaffaCakes118_6f9657a69e2efd42ae0357b15bd8b4ed82abea6c080d27a2e4104db1abbcc61c.zip
Password: infected
89b0625b0fcefeedb72f401a1ae9fba4f0b11f1f78c4b64b468a4e14177da79e.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 523KB - Virtual size: 522KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ