Static task
static1
Behavioral task
behavioral1
Sample
61e6791d64367f33a26f725f58e43df3_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
61e6791d64367f33a26f725f58e43df3_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
61e6791d64367f33a26f725f58e43df3_JaffaCakes118
-
Size
1.1MB
-
MD5
61e6791d64367f33a26f725f58e43df3
-
SHA1
6585c78cc6bc0a9d4151bbf82e949ab343e607f7
-
SHA256
025c621a1979cde664e15d07048cc6e6721b7fdab3ed6979f118e21799b441f1
-
SHA512
3ddec9a197e7c1bc2085317dd62da95a4d5dd6f8ab26a257ad93f083681825f27276962b52563a7b1f2da6a5e13fa45acd1bb9135256b57f867145f878f82143
-
SSDEEP
24576:vYAuh8qqqXdpaqJdrdyjYvWQKI/b3jLN/PX3YTyDhG:54q0dpaqJdrdycvWqV/PHYyD
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 61e6791d64367f33a26f725f58e43df3_JaffaCakes118
Files
-
61e6791d64367f33a26f725f58e43df3_JaffaCakes118.exe windows:5 windows x86 arch:x86
baa93d47220682c04d92f7797d9224ce
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
comctl32
InitCommonControls
Sections
Size: 203KB - Virtual size: 416KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
stbufwvp Size: 874KB - Virtual size: 876KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cyilqmoy Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE