Static task
static1
Behavioral task
behavioral1
Sample
af92651fbd190718d77dbfef30375aa6_JaffaCakes118.exe
Resource
win7-20240611-en
General
Target
af92651fbd190718d77dbfef30375aa6_JaffaCakes118
Size
84KB
MD5
af92651fbd190718d77dbfef30375aa6
SHA1
55de591779d306a8adc1595c0662ec65038113ac
SHA256
3525a326d6d288a5fe54cb8ef690c0ed4e95a95f4578e6f4385194705b0f0c0a
SHA512
fc2f4727199d4a815d32ce6bc4908ece41e86444323e372fa279c486164422cf600f9b91f148256d183753540ec5650ac6e94ce9bbceb609a935152a811ac842
SSDEEP
1536:EkYSJwG0TnvjvSzHMOrAt6eyegGr/JvR0fVAdMFNtE+vp:Ek93OnroLr0yeDr/JpAA8v
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource af92651fbd190718d77dbfef30375aa6_JaffaCakes118
Files
af92651fbd190718d77dbfef30375aa6_JaffaCakes118.exe windows:4 windows x86 arch:x86
7a2de9a266df47114009b416fa80f40d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
OpenDesktopA
winspool.drv
DeletePrinterDriverW
ole32
CoInitializeEx
kernel32
AreFileApisANSI
lstrlenW
GetCommandLineW
lstrcmpA
GetProcessHeap
FreeConsole
Sections
.text Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 864B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
nODF Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
lMX_ Size: 32KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ