Static task
static1
Behavioral task
behavioral1
Sample
f64a83456bc601bb3aeebfdc6094057a_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f64a83456bc601bb3aeebfdc6094057a_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
-
Target
f64a83456bc601bb3aeebfdc6094057a_JaffaCakes118
-
Size
93KB
-
MD5
f64a83456bc601bb3aeebfdc6094057a
-
SHA1
dd117d3c5b1051c12abe3e521ac2c0e28caaa646
-
SHA256
121cf6c76608b2554ad1566c64ec8c0350d123b156cb8bd61fd7c35574958066
-
SHA512
42e791a94a22402ea428962888926cb086704d3c6888e9e12bd8f5ad2781bf9632cae1a6fd351795123c8d8bba83d8c8a4fab6c91a73508ba7927394d391789a
-
SSDEEP
1536:dOCc/KRA9EMj3IBAgVfiSTfSA8ZrggRK2AhFn+okzhF5mG4ffabCbn6cdsIlU7K+:dOCcCRjMkAgVfLTfx6rgeq8L5F0fpnjO
Malware Config
Signatures
Files
-
f64a83456bc601bb3aeebfdc6094057a_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Code Sign
6c:7c:17:23:38:1a:15:a4:41:61:85:1a:89:4b:f5:45Certificate
IssuerCN=SmartFTP ClientNot Before02-01-2014 12:56Not After02-01-2114 12:56SubjectCN=SmartFTP Client2f:f8:44:a9:db:ac:37:f9:9b:dc:0f:38:ba:a8:26:24:93:81:06:79Signer
Actual PE Digest2f:f8:44:a9:db:ac:37:f9:9b:dc:0f:38:ba:a8:26:24:93:81:06:79Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 88KB - Virtual size: 87KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ