Static task: static1
Behavioral task: behavioral1
Sample: 2abb4691ffe01a4b8c936172b4992d8c_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2abb4691ffe01a4b8c936172b4992d8c_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2abb4691ffe01a4b8c936172b4992d8c_JaffaCakes118
Size: 848KB
MD5: 2abb4691ffe01a4b8c936172b4992d8c
SHA1: 0b0270b48a239c32f4f99ef1e5d0ef58d9672290
SHA256: 9d5f64e9bb0909b442053b053f8bc6edfd0c61e369912b772f0cffb31974d077
SHA512: 7d3cd0682077a1b9372c7b6c72c126025e37f49ed51bb7a2bce6165ded963914cf85726c05a52112466efb8a978833ba5d8a1184c5ef44e7be42a81e6045371a
SSDEEP: 6144:onIgK54IQzeeeL4/Qq56nIgK54IQzeeeL4/0uV3:oIgKKM4Yq56IgKKM4sU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2abb4691ffe01a4b8c936172b4992d8c_JaffaCakes118
Files
2abb4691ffe01a4b8c936172b4992d8c_JaffaCakes118.exe windows:4 windows x86 arch:x86
b8d04caf52ac023de8a509362c08e676
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord696
MethCallEngine
ord516
ord628
ord631
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord606
ProcCallEngine
ord644
ord572
ord100
Sections
.text Size: 524KB - Virtual size: 524KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 320KB - Virtual size: 320KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE