Static task
static1
Behavioral task
behavioral1
Sample
fa24f8c16dae8620c526fa3a9a3bfac5_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fa24f8c16dae8620c526fa3a9a3bfac5_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
-
Target
fa24f8c16dae8620c526fa3a9a3bfac5_JaffaCakes118
-
Size
27KB
-
MD5
fa24f8c16dae8620c526fa3a9a3bfac5
-
SHA1
001b2b77565e78ff3090e51fdbe15e8b421c682f
-
SHA256
ea5a138ec9731717a06214388d902c5487a18446cec0a2519566dc764a11cf21
-
SHA512
585cf68ab5975fa0f073dc84580a44070946e921fa9af729e89f349af866225c458c88a01de59f16c468591ae1d326f44bcc35c853727e58b69f21b41ff41e0e
-
SSDEEP
384:aj5kgba/qh41FDzqTRrgdf7uZl0YrRr1pnUXhamWlXBAUhkYfVYcgq1wo4a3WLKy:Ee/qh6FDQP/+hhWlBA6kknj74a3kCl
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fa24f8c16dae8620c526fa3a9a3bfac5_JaffaCakes118
Files
-
fa24f8c16dae8620c526fa3a9a3bfac5_JaffaCakes118.exe windows:4 windows x86 arch:x86
bd51a645a9c68bd03b2e51586e5cbdcb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
GetProcAddress
LoadLibraryA
Sections
.text Size: 25KB - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE