Static task
static1
Behavioral task
behavioral1
Sample
b26c6f36a8711168dc8d2882a6cab0c2_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
b26c6f36a8711168dc8d2882a6cab0c2_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
-
Target
b26c6f36a8711168dc8d2882a6cab0c2_JaffaCakes118
-
Size
586KB
-
MD5
b26c6f36a8711168dc8d2882a6cab0c2
-
SHA1
e133a7dad21664672df96f0e6c956effe2ac7350
-
SHA256
0f6c9c6fbd87f9ee7bb66f6d9302f0334c3b16a2a4c2482d3db0ff117fcb1e06
-
SHA512
f865d9cd05796cd4dfb69e1a9748b14c9d3ca49d29f5dee1bc8df367dc9f141ac1208a13a986f18963df2b70ff56aa76e7f2b0c7d9e2199ee472e24a24934910
-
SSDEEP
12288:ZjY1mBgD6V65x0RfcbA+y2EoekTDWXDe12aU6uW:ZjY1mNV65x0ZoAR2XNfWXi12ag
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource b26c6f36a8711168dc8d2882a6cab0c2_JaffaCakes118
Files
-
b26c6f36a8711168dc8d2882a6cab0c2_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 583KB - Virtual size: 583KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ