Static task
static1
Behavioral task
behavioral1
Sample
69bc9bd5f7e00d800d0973cc370578f6_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
69bc9bd5f7e00d800d0973cc370578f6_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
69bc9bd5f7e00d800d0973cc370578f6_JaffaCakes118
-
Size
95KB
-
MD5
69bc9bd5f7e00d800d0973cc370578f6
-
SHA1
4bbb367430efdb514fce13501483d2627dd15b2d
-
SHA256
f24a509ad78acc5eeed6be163c25840981ef9dea5aa31ba8ae64ff892c9a3ce0
-
SHA512
36ad8d90c29b9e328ace93a1196fa622108619faedfd9e71d79f72b3b7c9c77db531d729b959d944dadb2e6dd8d34191993c755548bc167624d9c7e13dfc4e18
-
SSDEEP
1536:FG56bL7x+qR+eE88x8/eZKakO9V1meNL6CsNI8VpfodU2EjNZwD4rB7MwU13kyG+:AQ3cz8G4eKakOBpL6CAI8VOEO4r813kF
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 69bc9bd5f7e00d800d0973cc370578f6_JaffaCakes118
Files
-
69bc9bd5f7e00d800d0973cc370578f6_JaffaCakes118.exe windows:5 windows x86 arch:x86
60ececb2875afb8badaf630de8ccdaab
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTimeAsFileTime
GetLastError
Sections
.text Size: 61KB - Virtual size: 61KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data1 Size: 512B - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 916B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.sdata Size: 512B - Virtual size: 111B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE