Static task
static1
Behavioral task
behavioral1
Sample
0056ab86ebb18bff6dce7dea69613d32_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
0056ab86ebb18bff6dce7dea69613d32_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
-
Target
0056ab86ebb18bff6dce7dea69613d32_JaffaCakes118
-
Size
300KB
-
MD5
0056ab86ebb18bff6dce7dea69613d32
-
SHA1
5182f1a5853230b65e9a4c8ee3dbfe63043a7863
-
SHA256
e97cf49bdf7f8decc6d2c0b5f225267f7a944a8d7403ec56da17ef7094729222
-
SHA512
b76c09b5c1c83b57bc516eee89ed6f380963338f68a609e6d94e7a788e9c06ad9b193923932dabcb94d463407a57f506599a90f8e3553f162fc48bcd1593b5f2
-
SSDEEP
6144:D7p8NUDl24LIMW14nDWgRAkPzTtGQn8xID0DMF16HAfe7EHer0MnJ:D7p8NuRYIR3PzBGLxe0Dc6gfe6R
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 0056ab86ebb18bff6dce7dea69613d32_JaffaCakes118
Files
-
0056ab86ebb18bff6dce7dea69613d32_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
w5tslCvB Size: - Virtual size: 156KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HhREiK40 Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
PCbswfnM Size: 279KB - Virtual size: 280KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
qhnxpBQr Size: 242B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NfLmeBsZ Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ