Static task
static1
Behavioral task
behavioral1
Sample
05b11f3c1773e9648e23c07e1a9f176b_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
05b11f3c1773e9648e23c07e1a9f176b_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
05b11f3c1773e9648e23c07e1a9f176b_JaffaCakes118
-
Size
6.2MB
-
MD5
05b11f3c1773e9648e23c07e1a9f176b
-
SHA1
57e5fabb54c61ea2241f17f9d72b62593f28b2bf
-
SHA256
b0b67b8abe5d6a86cfd0c23b49327de4308834a480ad324bd6bc6fc27b2afc9c
-
SHA512
a2a6fc117c309cc9779ce1f8afe0eeeb2c148e1259cc59f894f0f4cbd0afa82f206c4a06fa07e0c16a25a265a7d550e218a5f2860eac8c41483a2c09ae212b90
-
SSDEEP
3072:O+Q8wJno2d+Q8wJno2y37DTEClZ+Q8wJno29LvABXwoEJ8WQ+:nlw9qlw9SDTEClklw9Z3WW
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 05b11f3c1773e9648e23c07e1a9f176b_JaffaCakes118
Files
-
05b11f3c1773e9648e23c07e1a9f176b_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 6.1MB - Virtual size: 6.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ