Static task: static1
Behavioral task: behavioral1
Sample: f6b63376b79682b34cfdaa2fb24b03fd_JaffaCakes118.exe
Resource: win7-20240215-en
General
Target: f6b63376b79682b34cfdaa2fb24b03fd_JaffaCakes118
Size: 3.0MB
MD5: f6b63376b79682b34cfdaa2fb24b03fd
SHA1: ddb0cb899573fa456a4ed7379b6ff927ea30b78e
SHA256: 2d9455ccec4cdbba6e7cd26a405c74227e7c03fdfa017d3217c443d7ada0d011
SHA512: 048082ffd04fadbe679c32e8813f39a5414302c7acd9c88b6c74422c850f1987d6d657f451dd0afcfc650669855585757dd1436a4d231f97b646cf22e378adfd
SSDEEP: 98304:07/rhlGcjcTRsVIoGavZFYE1wM+M6d0MkIM7:8acjcNsVXTkE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource f6b63376b79682b34cfdaa2fb24b03fd_JaffaCakes118
Files
f6b63376b79682b34cfdaa2fb24b03fd_JaffaCakes118.exe windows:4 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 380KB - Virtual size: 976KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 441KB - Virtual size: 605KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
gqwlzxjt Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
vuwyfeso Size: 1024B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE