Static task
static1
Behavioral task
behavioral1
Sample
5086adbc9f97df26050f269cf6e64707_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
5086adbc9f97df26050f269cf6e64707_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
5086adbc9f97df26050f269cf6e64707_JaffaCakes118
-
Size
1.6MB
-
MD5
5086adbc9f97df26050f269cf6e64707
-
SHA1
436bd3dcdb87211bb833b4be9b331ed7562576b1
-
SHA256
16140e07a7ca55ce03e023fa800956033ce89621cfdb52fc33e67893f09bb751
-
SHA512
bfc05d7f0b833d1e36be57e3f52fddfe74fdb0fe813820772e2ccf87184835ce34bf99c1a64bae1e0e6f59ee134d90b9bd2f1272ef3b4a469c8f940608ac70c8
-
SSDEEP
24576:N58PwXuOhCOWIVVvUolKLSFB15PP+iLluO6BF6EWVoiAiSEO5t26S:NKwX1CU3vUocLSFLtP+KlP6BF6Eaa5s9
Malware Config
Signatures
Files
-
5086adbc9f97df26050f269cf6e64707_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Code Sign
Certificate
IssuerCN=www.Whitehouse.com,OU=President,O=Whitehouse,L=Capital,ST=Washington,C=us,1.2.840.113549.1.9.1=#0c16636f6e74616374405768697465686f7573652e636f6dNot Before23-06-2015 14:14Not After22-06-2016 14:14SubjectCN=www.Whitehouse.com,OU=President,O=Whitehouse,L=Capital,ST=Washington,C=us,1.2.840.113549.1.9.1=#0c16636f6e74616374405768697465686f7573652e636f6dec:79:54:21:c1:fe:32:c8:bb:e7:25:a8:e3:1c:90:b1:b7:68:85:00Signer
Actual PE Digestec:79:54:21:c1:fe:32:c8:bb:e7:25:a8:e3:1c:90:b1:b7:68:85:00Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 77KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ