Static task
static1
Behavioral task
behavioral1
Sample
4a008672fcf9233415f60d41c08ee260_JaffaCakes118.exe
Resource
win7-20240508-en
General
-
Target
4a008672fcf9233415f60d41c08ee260_JaffaCakes118
-
Size
314KB
-
MD5
4a008672fcf9233415f60d41c08ee260
-
SHA1
2459a52b2927e5b8fcf3b68d98805bcad029164b
-
SHA256
2d0f810d94bc419fe0c15a185c96794e7c77bfd6d2085d1eccb6f1def2c6a917
-
SHA512
977bed02a2f183949055417a56d0014eb0708bb2939863c1b7f3f5f6410da9dfb2f71a5e858e8a05f23d56d50f35745bfe4bbb43159e53a5ac1f2492dc60599b
-
SSDEEP
6144:CxRfey7sqRxjrQSXrexQ3KulJvDdIDZm6axb9mul14rilkFpCZ8EC+s+z8U9zKZw:a5eaXH3yQ3hrd6Tap9mclkWZ8EC+HrzX
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 4a008672fcf9233415f60d41c08ee260_JaffaCakes118
Files
-
4a008672fcf9233415f60d41c08ee260_JaffaCakes118.exe .vbs windows:4 windows x86 arch:x86 polyglot
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 311KB - Virtual size: 311KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ