Static task: static1
Behavioral task: behavioral1
Sample: ed10850ad8d0971da324de2c30729742_JaffaCakes118.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: ed10850ad8d0971da324de2c30729742_JaffaCakes118.exe
Resource: win10v2004-20231215-en
General
Target: ed10850ad8d0971da324de2c30729742_JaffaCakes118
Size: 2.1MB
MD5: ed10850ad8d0971da324de2c30729742
SHA1: bb2f3935b780d1200554d9915da9e87d76edffbe
SHA256: ba91d49ac453d3eb14950819a8cd6ee72aa704a24f1e47d0f8e180a3dfc768e9
SHA512: 197ce8f3282cfc640e702841d87f088e4a86a1c95f3bdb78f806eb86d1b72684ebfc1f53b98e8708e71c87b92c8f5b5f969bd84194a3260ea7f95980ef54a8dd
SSDEEP: 49152:EiobiV082zrjoFFfQnU26RO0QaXIe7P7uCzrlOrtD57loZQu:ZVX2zraE1yIe+CzrlO557pu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource ed10850ad8d0971da324de2c30729742_JaffaCakes118
Files
ed10850ad8d0971da324de2c30729742_JaffaCakes118.exe windows:4 windows x86 arch:x86
baa93d47220682c04d92f7797d9224ce
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
comctl32
InitCommonControls
Sections
Size: 528KB - Virtual size: 528KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 163KB - Virtual size: 163KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
iqgfbynw Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cqrxfbkb Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE