Behavioral task
behavioral1
Sample
dfd9612cb55b1cfc4a33d9fdaf8ed070_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
dfd9612cb55b1cfc4a33d9fdaf8ed070_JaffaCakes118.exe
Resource
win10v2004-20231215-en
General
-
Target
dfd9612cb55b1cfc4a33d9fdaf8ed070_JaffaCakes118
-
Size
30KB
-
MD5
dfd9612cb55b1cfc4a33d9fdaf8ed070
-
SHA1
5da6d9f8e4962eb7ea17e869ee5b586101b002c3
-
SHA256
ec1a5fbd6a5ca09382dd4b71f473657eba1a4a6e0982bcd01697821ca24d84f9
-
SHA512
d8173f7931f90d4748bd0fcafe42cf9c447557eefde5ab5fbd93d5ec276d1f357f284131d00848ee004b8417b365eb0c6b08e5c48e4fa400a75bc249b4f64160
-
SSDEEP
768:ERamfeaO55OIzv6ZrHwPZB65U7Y+7vZc5tunV7KYhJ:Lmi5OI76RHwPb61ov/nV7KmJ
Malware Config
Signatures
-
Limerat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dfd9612cb55b1cfc4a33d9fdaf8ed070_JaffaCakes118
Files
-
dfd9612cb55b1cfc4a33d9fdaf8ed070_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ