Static task
static1
Behavioral task
behavioral1
Sample
1c5bf532937789fb47ac1fe5bb4248ee_JaffaCakes118.exe
Resource
win7-20240508-en
General
Target
1c5bf532937789fb47ac1fe5bb4248ee_JaffaCakes118
Size
1.1MB
MD5
1c5bf532937789fb47ac1fe5bb4248ee
SHA1
c15e22036807d942934f2c48f6df385be2e89af8
SHA256
ba03ab391ebacff7cd602a3f90d0b344b605a4c75d59679a616603ad58b97953
SHA512
1531c726e714426d2fb8060902f9387f72b33fa9c3df1492153082a61d1a68f4ae14de8f9aff5b65ab9abbf4525b4f5e2705ef700545e13b925830f40e85358f
SSDEEP
6144:UWHoMzl/CwTJ3rYBfkQR20eDnnexUvgHNInp4SmcvQpDMc:UYoMZKYYBcQRCznexU4Hyn2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1c5bf532937789fb47ac1fe5bb4248ee_JaffaCakes118
Files
1c5bf532937789fb47ac1fe5bb4248ee_JaffaCakes118.exe windows:4 windows x86 arch:x86
80f4e4ab863c7e1982228d9e4de9e4e3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord516
ord626
ord667
ord595
ord631
ord632
ord526
EVENT_SINK_AddRef
ord528
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord530
ord608
ord716
ord717
ProcCallEngine
ord537
ord644
ord647
ord570
ord648
ord573
ord576
ord685
ord100
ord616
ord619
ord580
Sections
.text Size: 380KB - Virtual size: 376KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.DbjUT Size: 688KB - Virtual size: 688KB
IMAGE_SCN_MEM_WRITE