Static task
static1
Behavioral task
behavioral1
Sample
0e25b4607feca2fed734ffab2891907d_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
0e25b4607feca2fed734ffab2891907d_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
0e25b4607feca2fed734ffab2891907d_JaffaCakes118
-
Size
2.2MB
-
MD5
0e25b4607feca2fed734ffab2891907d
-
SHA1
beaba8421f2cd1f88b14e5ae6d1c8eb5cdc46e9e
-
SHA256
5ee994aa611da530de34e9c1eb09f3e9cda23cb04348d84af985588c678c84a8
-
SHA512
560828434255d008155f4ee41ae963cacb99e2c5b5c371a749b0115a2d2b6c312e97f55cc2fbb918e80d6ce83650e50dc15b4f02403289b45af3ea4dca0b0353
-
SSDEEP
49152:Pn5hlEvyTYPeXeM2RaNRlrysrS2+Ha0E6ojNCnqHBaCLIS+PXXQW4c:P5hlEQhtpREsn+60E6fn2jYgW4c
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0e25b4607feca2fed734ffab2891907d_JaffaCakes118 -
NSIS installer 2 IoCs
resource yara_rule sample nsis_installer_1 sample nsis_installer_2
Files
-
0e25b4607feca2fed734ffab2891907d_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 3KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 36KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.oli Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE