Static task
static1
Behavioral task
behavioral1
Sample
0856abdc306079c03c7259d2ce062080_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0856abdc306079c03c7259d2ce062080_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
0856abdc306079c03c7259d2ce062080_JaffaCakes118
-
Size
76KB
-
MD5
0856abdc306079c03c7259d2ce062080
-
SHA1
6f43a67ad6b555e22870b6ea558dcef1784f14d5
-
SHA256
2058fa73b8545a5c902b1a2611f8cf93246ddf950c9fe277afac81c6fe1ccb1f
-
SHA512
fd9db9de0d1d6abb02588efcde94cb6d48d5322c4c44105fb24527232b15f31ed4b4a176656c66b93a3e0e0d7912ed10d50122eb2a607c8e790caf9c003badd2
-
SSDEEP
1536:FGDN49Irch18ZOPP8F38tSZ47+VRUa7NpsCpjVrs2ryrd1vUQuq6:cDe9Irch18ZtFsta4URj7XHs2qo
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0856abdc306079c03c7259d2ce062080_JaffaCakes118
Files
-
0856abdc306079c03c7259d2ce062080_JaffaCakes118.exe windows:4 windows x86 arch:x86
a2db359bac3761b3903e4ba7dea67e0a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteProfileSectionW
_lcreat
SetFileShortNameW
LocalLock
FatalAppExitA
SwitchToThread
VirtualLock
RestoreLastError
ExtendVirtualBuffer
OpenFileMappingA
GlobalGetAtomNameA
FileTimeToLocalFileTime
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: - Virtual size: 64KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.brdata Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE