Static task
static1
Behavioral task
behavioral1
Sample
f347051180559aa6ecaab96f4d1c94cd_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f347051180559aa6ecaab96f4d1c94cd_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
-
Target
f347051180559aa6ecaab96f4d1c94cd_JaffaCakes118
-
Size
663KB
-
MD5
f347051180559aa6ecaab96f4d1c94cd
-
SHA1
dd5c5e32e585f5536e76784c7d5f8fa73e55f33a
-
SHA256
107b9c46e78bb8a802029dd715bee34ca3fa31e1bae428d7e149dd10e8f38e3a
-
SHA512
cc019aa0769463a492089fb209672b222ff2c8aacec6672938979013f22b03e86765f1509f7ba28c6cc3dec51e19c2bae3573f4171e0b7d431a171dd2e42b241
-
SSDEEP
12288:kcuhZ45W60V6ttoK+ouEm1/QxeCOEuOcq1/rNumqWG5/21EB/Q:kRhX6tFhuEG/QTOEuuNIWouixQ
Malware Config
Signatures
Files
-
f347051180559aa6ecaab96f4d1c94cd_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Code Sign
6c:7c:17:23:38:1a:15:a4:41:61:85:1a:89:4b:f5:45Certificate
IssuerCN=SmartFTP ClientNot Before02-01-2014 12:56Not After02-01-2114 12:56SubjectCN=SmartFTP Client78:8f:ce:17:70:9d:8a:2a:7b:cc:e4:3a:81:2a:e0:fe:9f:a7:33:e0Signer
Actual PE Digest78:8f:ce:17:70:9d:8a:2a:7b:cc:e4:3a:81:2a:e0:fe:9f:a7:33:e0Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 653KB - Virtual size: 653KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ