Static task
static1
Behavioral task
behavioral1
Sample
fe1a4c3879694c969a4967b32c175d83_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fe1a4c3879694c969a4967b32c175d83_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
-
Target
fe1a4c3879694c969a4967b32c175d83_JaffaCakes118
-
Size
892KB
-
MD5
fe1a4c3879694c969a4967b32c175d83
-
SHA1
0b5bb4d1b9f312a759d045a22e1506a6be1a8a84
-
SHA256
6c56dcbf1fbed0067ae5fdc90e2ca1399c535948c66f0cdcf26391a1fa1b8d5c
-
SHA512
aef3712ed7f15e344d99242375d38f6fda15d39e2efc68b5e3c0d4b4ec9d5a16b0e43c8302c76d57f8f47ac1a63102e50f8fe9f3dfba48bed3afbb3b21aeba6b
-
SSDEEP
3072:F14N2LlvNVZ98BPQd7xaYzO1v9em06TivuX:F1UslvHP8BPHt9d
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource fe1a4c3879694c969a4967b32c175d83_JaffaCakes118
Files
-
fe1a4c3879694c969a4967b32c175d83_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 880KB - Virtual size: 877KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ