Static task
static1
Behavioral task
behavioral1
Sample
f42d89264c939921757f6565c601a601_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f42d89264c939921757f6565c601a601_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
-
Target
f42d89264c939921757f6565c601a601_JaffaCakes118
-
Size
159KB
-
MD5
f42d89264c939921757f6565c601a601
-
SHA1
1b3c67bf65dea8722ead3a884a0356202750e9d8
-
SHA256
8848c33d2007af5e284ee75ccfd56a9f863a8c1036db49fce2106e51eaa62cca
-
SHA512
cae607dcc9b71777f3d46401db621ff459f1adbf2104abe7cf288ca0da357a6ec368ddeaade56c2bb3088e381dd0e8489aed4b3665df9c8aaeb72e2c3a469506
-
SSDEEP
3072:4rvEjatADQpWT1GnFo+tlGQpfUFWhC1T1YOo4D2Ekd3FaTlFAn:4DlAnTmFoKUEhEjo4Pp
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource f42d89264c939921757f6565c601a601_JaffaCakes118
Files
-
f42d89264c939921757f6565c601a601_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.rsrc Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: 108KB - Virtual size: 108KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ