Static task
static1
Behavioral task
behavioral1
Sample
bc8c9c47fbc12ecf67d1d2db3945475c_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
bc8c9c47fbc12ecf67d1d2db3945475c_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
-
Target
bc8c9c47fbc12ecf67d1d2db3945475c_JaffaCakes118
-
Size
928KB
-
MD5
bc8c9c47fbc12ecf67d1d2db3945475c
-
SHA1
206b5978993ebe4c257a9fb4d020589468118d44
-
SHA256
1371ed0e3652cdad077d790e54feec632246b2c457ce225a7536b0fb9d4489d7
-
SHA512
3ea78baee9f493de47f5b746525e9e68919bda31654c15acadc18957ecfa50f6193d4bc35db8fdc3d1c46e65b7fe8d38a00dd72b3181f23f0ef48a45182ff1eb
-
SSDEEP
24576:M5/eqDVN7IQhqbY82pVNjEFG1+2zLwfaUm:MVeqx6QhqYXtEFdA
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource bc8c9c47fbc12ecf67d1d2db3945475c_JaffaCakes118
Files
-
bc8c9c47fbc12ecf67d1d2db3945475c_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
b49B+WV& Size: 236KB - Virtual size: 235KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 673KB - Virtual size: 672KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ