Static task
static1
Behavioral task
behavioral1
Sample
01aebc7226abb3be8888bc9d5b2955f4_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
01aebc7226abb3be8888bc9d5b2955f4_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
01aebc7226abb3be8888bc9d5b2955f4_JaffaCakes118
-
Size
14KB
-
MD5
01aebc7226abb3be8888bc9d5b2955f4
-
SHA1
e809c5683735637fedbb3bbee833ec750b845476
-
SHA256
953635e26cae6a1014c66fad9cb35cbe8e0e3bfac026d5af24bceed67a2c07cb
-
SHA512
6490ff5703016dfa6185639a3fe4259ed7b6300bffd1a36464ed0a01eb3d686e18fd4c73fb6a284153b4f9ca720085eb7dcab1bf1ad0190862b92711802e4f18
-
SSDEEP
96:oaz7xsTmTIoiuzZK3gGSH8wr1iRWwcwHQqyF5n4til3xWZBe1ROx4bSBbi:oaz7xU8ZKfQ8wr1aapSAxf84uu
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 01aebc7226abb3be8888bc9d5b2955f4_JaffaCakes118
Files
-
01aebc7226abb3be8888bc9d5b2955f4_JaffaCakes118.exe windows:4 windows x86 arch:x86
09d0478591d4f788cb3e5ea416c25237
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
Sections
.text Size: 3KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE