Static task
static1
Behavioral task
behavioral1
Sample
0e9e24140d63fdd6ff2438f693cd19c8_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
0e9e24140d63fdd6ff2438f693cd19c8_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
0e9e24140d63fdd6ff2438f693cd19c8_JaffaCakes118
-
Size
1.1MB
-
MD5
0e9e24140d63fdd6ff2438f693cd19c8
-
SHA1
ab72f6792af4f4a4cc4a32c63804f9bbe1d84d3b
-
SHA256
c5f33d840f649fa38e245f9e5657150a5382b16d3088e783a40db121e5c13bb0
-
SHA512
0bb81bd7b3512d9cb62d27aa081eac02af75115001093b0a96496e221694fb2a427b7385b0a6c84c9fb21ce4a8327a709724c3b12e58042eb3442770a3ef2b56
-
SSDEEP
24576:XcEZvT9FN4RiGjgVrCETypNCQy3HTZPij3C:XhZvTqdy3HTBijy
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0e9e24140d63fdd6ff2438f693cd19c8_JaffaCakes118
Files
-
0e9e24140d63fdd6ff2438f693cd19c8_JaffaCakes118.exe windows:4 windows x86 arch:x86
aadf5c8667fe05f652d8f2e502e2b9d7
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
MessageBoxA
kernel32
GetModuleHandleA
GetProcAddress
Sections
.text Size: 756KB - Virtual size: 755KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 276KB - Virtual size: 274KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ