Static task
static1
Behavioral task
behavioral1
Sample
4447e2e0dcfa90605dacc52323cfc08a_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
4447e2e0dcfa90605dacc52323cfc08a_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
4447e2e0dcfa90605dacc52323cfc08a_JaffaCakes118
-
Size
127KB
-
MD5
4447e2e0dcfa90605dacc52323cfc08a
-
SHA1
18fe3e39add56c3405be72dc3e93a3789865bf28
-
SHA256
d6efc4dc4ff5e2a1783244679b88113be619bb41f1773786a73849f9be651614
-
SHA512
42eb52596ad838ec3cdade20f51adcd4836ff76c0b1aa0c19bc10981acbce7a48af0e1dc3837b70407c82c61bcd6407d0712bea8d9d5b61208dbc7559e755752
-
SSDEEP
3072:EC7AC7zC7jnVrT2QytC7zC7AC7nX6y9oFUCz:ECECvCECvCECmzFLz
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4447e2e0dcfa90605dacc52323cfc08a_JaffaCakes118
Files
-
4447e2e0dcfa90605dacc52323cfc08a_JaffaCakes118.exe windows:4 windows x86 arch:x86
bdcd76d1ac5697a0dbd882afacb1d116
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord690
MethCallEngine
ord516
ord593
ord300
ord594
ord595
ord303
ord598
ord599
ord306
ord309
ord631
ord632
ord525
ord526
EVENT_SINK_AddRef
DllFunctionCall
ord563
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord606
ord607
ord608
ord716
ord717
ProcCallEngine
ord537
ord645
ord648
ord570
ord571
ord573
ord685
ord100
ord689
ord612
ord616
ord617
ord619
ord581
Sections
.text Size: 76KB - Virtual size: 73KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ