Static task
static1
Behavioral task
behavioral1
Sample
0531f71bdc212a056713b7e98e3977cf_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
0531f71bdc212a056713b7e98e3977cf_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
Target: 0531f71bdc212a056713b7e98e3977cf_JaffaCakes118
Size: 255KB
MD5: 0531f71bdc212a056713b7e98e3977cf
SHA1: e53f74ad0006fd1760d83dc422775a44766b0ad5
SHA256: 1960b1006570ac63af82c3fb1b307c17b2412b6257b5c6450439d103c1896f34
SHA512: 4c341399fa3f2ea5c9e97d960878e288dab79f78130ef11bc269d41b6e2737bb37de5c1d089fd3a41eaf0381c4f2836304a4e97185f9c914598d1d280931740e
SSDEEP: 3072:LHxv5TKZ7aMyIpRxHJzqSPgoaOZRE7pRS56dXrv2sQC3YzHkyjZaFpV0oiZEiEQJ:1v5T1MfplL+O2vSYeEOZiSoguQn+tBZE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 0531f71bdc212a056713b7e98e3977cf_JaffaCakes118
Files
0531f71bdc212a056713b7e98e3977cf_JaffaCakes118.exe windows:5 windows x86 arch:x86
f433e7fcc51e68080022754836705744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree
user32
MessageBoxA
Sections
.text Size: 143KB - Virtual size: 364KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
6mz71k76 Size: - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
js7gsg3d Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
i09kycd1 Size: - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
6dnu8yqo Size: 110KB - Virtual size: 112KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
y3akl981 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ