Static task
static1
Behavioral task
behavioral1
Sample
001841be7c47d683d72ff03ecc3b1781_JaffaCakes118.exe
Resource
win7-20240221-en
General
-
Target
001841be7c47d683d72ff03ecc3b1781_JaffaCakes118
-
Size
853KB
-
MD5
001841be7c47d683d72ff03ecc3b1781
-
SHA1
db8c8eb540075fd068136b351d466190308fe2dd
-
SHA256
33359ddd082b23c721c6ceb77db5e5534b2bf6d33167abffca2c705439fc666c
-
SHA512
109a006bee8af521a2936d17ef48699ca7916fc07b438d981855e1ce8802f2a5575af1ef2e6dbd4ec95f69435dea89aaa34f3669c67462b6bf77310afb6c615a
-
SSDEEP
24576:PC+arTXZjaNJWEEi/iznKRpdUfrK/gMc81S7IEFUcfP8:PypV0/iznKRPUfm/gQin
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 001841be7c47d683d72ff03ecc3b1781_JaffaCakes118
Files
-
001841be7c47d683d72ff03ecc3b1781_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 116KB - Virtual size: 115KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 736KB - Virtual size: 735KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ