Static task
static1
Behavioral task
behavioral1
Sample
1b2e9f165ee61f78d0ebfb1b0479548c_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1b2e9f165ee61f78d0ebfb1b0479548c_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
-
Target
1b2e9f165ee61f78d0ebfb1b0479548c_JaffaCakes118
-
Size
74KB
-
MD5
1b2e9f165ee61f78d0ebfb1b0479548c
-
SHA1
0a65b994533e33ec92836d18380c8d96d7deb84a
-
SHA256
560de89b68e713a8154153e66c4b16d4bb9c8abfefe9960326a394a6abd94a66
-
SHA512
915258571b075bcbdb8cc5252e7773badaae36826637786c147d98aee743c486e4cba78ec2ed5db7c372b8c501a3b5322dc9d5c0243ddf0f8f034f1cea0ffcff
-
SSDEEP
1536:DVzNlLwCWvi3rpBKVAx1YE6T3VVjSAXm/Q7NcP+rpAs/6ZW244:DVhuCXB4AALTFYA2/QhD6ZW2N
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1b2e9f165ee61f78d0ebfb1b0479548c_JaffaCakes118
Files
-
1b2e9f165ee61f78d0ebfb1b0479548c_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 95KB - Virtual size: 94KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ