madTraceProcess
Static task
static1
Behavioral task
behavioral1
Sample
1ecc26add52f71a0dbb00502bc2f41a3_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1ecc26add52f71a0dbb00502bc2f41a3_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
-
Target
1ecc26add52f71a0dbb00502bc2f41a3_JaffaCakes118
-
Size
16.6MB
-
MD5
1ecc26add52f71a0dbb00502bc2f41a3
-
SHA1
a2538e11ad37405005b494fc9198d3acc38d0504
-
SHA256
50807ea6813879094791869dd98a91cf1c45d6b6f0a932a9ccc851dbcbc006b1
-
SHA512
b2091b1ff2e2970d3cdf5944b5934cadc66e303f65a635dc4097b463fa4ce5f9f7c6869cd15210b935568d8a83332535f516fb1106dac639628b260e202c9107
-
SSDEEP
393216:iBGjvP2a7uepYsf+ACw7k8zmWB8++acU137rhwaL/oggj0Kxw:fvZaWpiHgVKW
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1ecc26add52f71a0dbb00502bc2f41a3_JaffaCakes118
Files
-
1ecc26add52f71a0dbb00502bc2f41a3_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Exports
Exports
Sections
CODE Size: 5.9MB - Virtual size: 5.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 94KB - Virtual size: 93KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 59KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 79B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: - Virtual size: 560B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 317KB - Virtual size: 316KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 10.3MB - Virtual size: 10.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ