Static task
static1
Behavioral task
behavioral1
Sample
01559a3880b976ffbc703ed70949f2d2_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
01559a3880b976ffbc703ed70949f2d2_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
-
Target
01559a3880b976ffbc703ed70949f2d2_JaffaCakes118
-
Size
304KB
-
MD5
01559a3880b976ffbc703ed70949f2d2
-
SHA1
d52245e0a05faaedad8cb5413e17fe5d2f1b9ee5
-
SHA256
0403e90716cf3657a6ecdd798f9ef1b7e7cbff91901d692ec8affd3ebbc67206
-
SHA512
ee86c6b109319ef6fcd665f7f65cfcccf7e83ca306cc8d8fc6dd848f59cc367f840d1de388ce1f57a068705f944f8438001d671e4f925a199d6075f821e617cb
-
SSDEEP
6144:uBozIRslRTksH8mGfVEJ4W4sV4rgjL4/QHwJRQwn5j9KqX6nQ+Tac:bzrlJDH8Jf6r4s+rEMoQJRQw5j9T6R
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 01559a3880b976ffbc703ed70949f2d2_JaffaCakes118
Files
-
01559a3880b976ffbc703ed70949f2d2_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 21KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xxxxxxx Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xxxxxxx Size: 104B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE