Static task
static1
Behavioral task
behavioral1
Sample
ed87e187096a4c016650e8d46ce81cb7_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ed87e187096a4c016650e8d46ce81cb7_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
-
Target
ed87e187096a4c016650e8d46ce81cb7_JaffaCakes118
-
Size
23KB
-
MD5
ed87e187096a4c016650e8d46ce81cb7
-
SHA1
659b1160d5167fd28f168fc94d1a82122ca63ae2
-
SHA256
4f37ea98d8b1289c16e3d2dd91a9a45f92b9216429e625e93e4d944835298087
-
SHA512
54ae1c1f18008196914602056be4ec9072908a8a79f491db2cb109c000b9fa55b95c0f4c229c94500b9b5995351529d62c8ac6e8056a4912585d397d0ab60644
-
SSDEEP
384:U6HGu1TgN2Z/sX9F7ZoWonpGGLRiwtz56SgH2wvOcCLkrOvJ/EQq6URE6sSGJ:UAaN2ZEX9roWoAE5erH2ubNSB8s6i
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ed87e187096a4c016650e8d46ce81cb7_JaffaCakes118
Files
-
ed87e187096a4c016650e8d46ce81cb7_JaffaCakes118.exe windows:4 windows x86 arch:x86
39c87c5cea161696eacaa4d7cdc6a324
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
select
kernel32
GetMailslotInfo
user32
MapVirtualKeyExW
gdi32
ExtTextOutW
advapi32
RegCreateKeyW
shell32
ShellAboutW
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 50B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ