Static task
static1
Behavioral task
behavioral1
Sample
5cf59e9e2a3ad9d19f4e6725813c15a4_JaffaCakes118.exe
Resource
win7-20240508-en
General
-
Target
5cf59e9e2a3ad9d19f4e6725813c15a4_JaffaCakes118
-
Size
215KB
-
MD5
5cf59e9e2a3ad9d19f4e6725813c15a4
-
SHA1
510b0a1bbc76471c24e4db7da4a823c8eb29ab39
-
SHA256
73959f3da99bac493c1d13f516881deb9ed39afcaea18379b51760a4033103c3
-
SHA512
eb2c6983f3028760324c30242f805fb65d99a25f12be09efda2718761e87443eedab5bb51ca004bba89b289b9d805151d57ae740f88bc90da4dfb732c7dd3875
-
SSDEEP
1536:evQBeOGtrYSSsrc93UBIfdC67m6AJiqzgLrTKBk3IU39TeYmKl:ehOm2sI93UufdC67ciRLPvx3teYmw
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 5cf59e9e2a3ad9d19f4e6725813c15a4_JaffaCakes118
Files
-
5cf59e9e2a3ad9d19f4e6725813c15a4_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
.rsrc Size: 155KB - Virtual size: 156KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE