Static task
static1
Behavioral task
behavioral1
Sample
0eb634406d210da625c2269dc9b50bfc_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
0eb634406d210da625c2269dc9b50bfc_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
0eb634406d210da625c2269dc9b50bfc_JaffaCakes118
Size
92KB
MD5
0eb634406d210da625c2269dc9b50bfc
SHA1
494618cffdf742f254a8c2c1c6e88ba229a64957
SHA256
928f6e9bcdd823f610f8308b6030f8d3c08549b08bc595fbf3ff31503fa9e0c1
SHA512
f438a2f21f2516b7367eab89d2d82d074999665b1e1c784449a680c5046a690ffbcb5795d62373ce72c52f5e13841c12beaed7808aa7672edfecb1be1ef3254f
SSDEEP
384:ZKbc6AcNEmi9q1S1nfh+5GhTK7N5EG7Zfxyi4J03mukLn3gkiL5lxGN3rBLuRzaS:Ibc6jG0GCIi2/MEgFSDE+K1Cc
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0eb634406d210da625c2269dc9b50bfc_JaffaCakes118
Files
0eb634406d210da625c2269dc9b50bfc_JaffaCakes118.exe windows:5 windows x86 arch:x86
ba9778150f361cda6698c7224e16ad92
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcessHeap
GetSystemInfo
SetConsoleCursorInfo
HeapAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
SetConsoleCtrlHandler
HeapFree
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
IsDebuggerPresent
user32
GetSystemMetrics
GetSystemMenu
gdi32
GetSystemPaletteEntries
Sections
.text Size: 77KB - Virtual size: 77KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ