Static task
static1
Behavioral task
behavioral1
Sample
5bfc4a0b0e7484ff63f2eb66b45186b7_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
5bfc4a0b0e7484ff63f2eb66b45186b7_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
5bfc4a0b0e7484ff63f2eb66b45186b7_JaffaCakes118
-
Size
624KB
-
MD5
5bfc4a0b0e7484ff63f2eb66b45186b7
-
SHA1
804f350c5034fc13fcc3d49e72de98799e301fb2
-
SHA256
9ab651c11036df65785bcd01fe6ecb68a9b0beb56579b76c350dbd3f6960f0ae
-
SHA512
084dcda591290c89d1fec84c7868d65522d193524cbbc15d61bec710f617535bf77386ea5a6c3c1b366cce216dd7310d84271847775497533648d04b8ae00620
-
SSDEEP
6144:Fp7rCb1Ekm7tzWFMLP1Coq4nFNDsFWhMh0Q/AISm9rY1NOC8IBfmbhscwovdC5OB:FJrCZW9WGLP1MWaym3C8qmbyo05OcEl
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5bfc4a0b0e7484ff63f2eb66b45186b7_JaffaCakes118
Files
-
5bfc4a0b0e7484ff63f2eb66b45186b7_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
YCL Size: 100KB - Virtual size: 100KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
Witc Size: 204KB - Virtual size: 204KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.PERO Size: 316KB - Virtual size: 316KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ