Static task
static1
Behavioral task
behavioral1
Sample
fad5b04f4a5308a685ad497671392667_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fad5b04f4a5308a685ad497671392667_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
-
Target
fad5b04f4a5308a685ad497671392667_JaffaCakes118
-
Size
385KB
-
MD5
fad5b04f4a5308a685ad497671392667
-
SHA1
509c309a4dc531e3981433a0ea66bed12cc80bed
-
SHA256
2f38a13b40b9175dd6fb987fb208e854593b445c1bcdfeba5e1617f6c725d813
-
SHA512
472145695041226258aea2c1ab3ff3d121a63eacfd8f09ad7e5a326c2e647d2d118d0a9698271c7b0fde3e2f0bccd5f50dfe2f7f60955c896236862a104bba76
-
SSDEEP
6144:5aCMAtqoyXGiUWcjzUF8BPJ9q9B4UD2WDkogV/Y6myc2Nnbf0p8jdMbxpM42FLB:Ud3c/UF8xJIb4e4xGyc2Nbsk/NLB
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fad5b04f4a5308a685ad497671392667_JaffaCakes118
Files
-
fad5b04f4a5308a685ad497671392667_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 352KB - Virtual size: 352KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 6KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ