Static task
static1
Behavioral task
behavioral1
Sample
a1d568c439540ba4e6f02736fa516c07_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a1d568c439540ba4e6f02736fa516c07_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
a1d568c439540ba4e6f02736fa516c07_JaffaCakes118
-
Size
7KB
-
MD5
a1d568c439540ba4e6f02736fa516c07
-
SHA1
6c8d8150cc595c56f0cc707ce8784a43fb953081
-
SHA256
6e93f67e82a84ab6e179771db876a324e75087ef244fcc8651b0c1ced894e84c
-
SHA512
1a0ba0306e4716706d90cc2ab5252b0c351e6a2c8a972958618c76391569a598359360dc27baa41382a06d243fac387e2215c3d9927d181eb1cc4c57b9f83967
-
SSDEEP
96:lFYSOw9+V+18f8YouLydO9J3XmvXLA8TjkQ5UdVXX2OY6PpEEVrBgU6zAcfnp3e:0/Ena8Yo+fJHmvbA8b2d26PprfEAYp
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a1d568c439540ba4e6f02736fa516c07_JaffaCakes118
Files
-
a1d568c439540ba4e6f02736fa516c07_JaffaCakes118.exe windows:4 windows x86 arch:x86
7634ba181155a05a605c2ea121a08262
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
msvcrt
_stat
Sections
.MPRESS1 Size: 5KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 1024B - Virtual size: 875B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE