Static task
static1
Behavioral task
behavioral1
Sample
283ebf9642b5ac9b0df71f5a78eb87eb_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
283ebf9642b5ac9b0df71f5a78eb87eb_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
283ebf9642b5ac9b0df71f5a78eb87eb_JaffaCakes118
-
Size
54KB
-
MD5
283ebf9642b5ac9b0df71f5a78eb87eb
-
SHA1
d675df76c2fac1afbb6e25bdbb79f2453b007d91
-
SHA256
2483d456513094bf53f0387cecca4200264e2b3d335e22da612a706433e818ff
-
SHA512
fd7a91742861fc42eec1743b76b9508f73ad7bd07fd16e590e725bbd07ef73a62c5462feeb832d211aa21139dada098bff9df4acb8fa2347eab78cb65b398a93
-
SSDEEP
768:wghIU0S6pM8jQSGLcdDVnvZIl9qYs3h49gffS6q91dTVe0b3sZVfN1pksn3xjnd0:T0pk5cjvZGqYMsgG91HbbsVfNnVxjMy
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 283ebf9642b5ac9b0df71f5a78eb87eb_JaffaCakes118
Files
-
283ebf9642b5ac9b0df71f5a78eb87eb_JaffaCakes118.exe windows:4 windows x86 arch:x86
09d0478591d4f788cb3e5ea416c25237
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
Sections
CODE Size: 49KB - Virtual size: 100KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE