Static task
static1
Behavioral task
behavioral1
Sample
14fdcfd58e373d5e3bf3455d326a5dc9_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
14fdcfd58e373d5e3bf3455d326a5dc9_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
-
Target
14fdcfd58e373d5e3bf3455d326a5dc9_JaffaCakes118
-
Size
1.2MB
-
MD5
14fdcfd58e373d5e3bf3455d326a5dc9
-
SHA1
905404e23175634a77e540c330b5da16fe50a8c1
-
SHA256
4010daa8caa20dc5e05b755d0c64fbcd81c00f9163a3caa77dc267d520cdd13b
-
SHA512
e9cff120590953f33c5fd5c35652fb7e5335c0889742960147e3a2b7e563f6b6c0df0ef9e50c62bcf19a4b35edf06683311407a9986578f6d963a4af7d14ba29
-
SSDEEP
24576:4o/UxlrohHXToc0K9Q6vSVoB7gQTNbkMGX8a4rkguY:4o/UxChHjoc0K9lvS2B7eCrkguY
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 14fdcfd58e373d5e3bf3455d326a5dc9_JaffaCakes118
Files
-
14fdcfd58e373d5e3bf3455d326a5dc9_JaffaCakes118.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 45KB - Virtual size: 45KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: - Virtual size: 8B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ