Static task
static1
Behavioral task
behavioral1
Sample
e5b3fc8e7c159b836046b6f657179929_JaffaCakes118.exe
Resource
win7-20240221-en
General
-
Target
e5b3fc8e7c159b836046b6f657179929_JaffaCakes118
-
Size
489KB
-
MD5
e5b3fc8e7c159b836046b6f657179929
-
SHA1
90a8ebb6a71a7b8462cfbf5ff7605bc66297c48e
-
SHA256
73cefc887f0ab4d9e0269c527c1687e360493926bfb7ccc3a876b4bb19832b85
-
SHA512
977613bb7d32ea91aaf8c2303ae25dbd2ea9ba18b5ceca68a014af2be261efc3330a6b48a24c7fbbd2f22a602d59af00abf81de37b613971d9f89d6902be3e01
-
SSDEEP
6144:pqpaDiyDFrvC2uEXmoKpiTQfmlrnKdjkt1V3e+VEdC0cRm7+7nT3wJHWv2EvkWbm:pTDBNKEvKMnKdQPVxEdFcs1Ji7bTG
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource e5b3fc8e7c159b836046b6f657179929_JaffaCakes118
Files
-
e5b3fc8e7c159b836046b6f657179929_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 345KB - Virtual size: 345KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 142KB - Virtual size: 142KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ