Static task
static1
Behavioral task
behavioral1
Sample
99bc695dc4bc6fa0762b654487976cf6_JaffaCakes118.exe
Resource
win7-20240221-en
General
-
Target
99bc695dc4bc6fa0762b654487976cf6_JaffaCakes118
-
Size
58KB
-
MD5
99bc695dc4bc6fa0762b654487976cf6
-
SHA1
49ce689206bc9744614766c4878dae4279b3c53a
-
SHA256
9abca527a4f1a59ce0c88f0ce0b68b02a784aab563f3023e7fc338757668cc63
-
SHA512
ac91d3a7c8c94b8077628e21b9dde837a3fae6232c8a8cbec96cb05bef482d3337e05947e93fe8cb0f40f76901526485d4da20b5be27114759a40d170ff01785
-
SSDEEP
1536:sKZriYNLlhkbyLqkM8nsKikcmc2IrwggUwIv1k/hJbX5A/EC:sRSlhk2pIOc2iB9v1k/DbJ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 99bc695dc4bc6fa0762b654487976cf6_JaffaCakes118
Files
-
99bc695dc4bc6fa0762b654487976cf6_JaffaCakes118.exe windows:6 windows x86 arch:x86
009889c73bd2e55113bf6dfa5f395e0d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsProcessorFeaturePresent
Sections
.text Size: 47KB - Virtual size: 46KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ