Behavioral task
behavioral1
Sample
2757eb228759ab2f13a25566c2018039_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
2757eb228759ab2f13a25566c2018039_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
-
Target
2757eb228759ab2f13a25566c2018039_JaffaCakes118
-
Size
10KB
-
MD5
2757eb228759ab2f13a25566c2018039
-
SHA1
a40cfa2fc94c629e1637e99185071fb9c3a44a0e
-
SHA256
c77a0fccd876d20d245cae7b294bf8e30c08ff43f76addfa4223a13430e9112c
-
SHA512
ef09e10f1e0a161e658d7d631d7ae52d5c6106cc00c327fc788de1d7ed6eb59c00d934587bfe99d36da558635ef89e3b7882cb770085da23df5114a2a49cead4
-
SSDEEP
96:nP0CGJYGas1vHB0NjXyDZSRv9feV7ctddPqPnNPxfkhIkr7HBHQNwINUZW:n8CWhh0hydS4YddiPnNu6kr7hHQwW
Malware Config
Signatures
-
ModiLoader Second Stage 1 IoCs
resource yara_rule sample modiloader_stage2 -
Modiloader family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2757eb228759ab2f13a25566c2018039_JaffaCakes118
Files
-
2757eb228759ab2f13a25566c2018039_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 512B - Virtual size: 112B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 333B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 548B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: - Virtual size: 4B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 492B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ