Static task
static1
Behavioral task
behavioral1
Sample
34e6497c935b6ad6f255be02740b3e68_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
34e6497c935b6ad6f255be02740b3e68_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
34e6497c935b6ad6f255be02740b3e68_JaffaCakes118
-
Size
347KB
-
MD5
34e6497c935b6ad6f255be02740b3e68
-
SHA1
d69a2ef21c239a5e3a70a0061385a4359530e02f
-
SHA256
400713e6dba8268fe174406ae6fb2a3c2f06501a279f18906992949ccc69a19d
-
SHA512
436fc3170187c6ff252a5db01da0a046bdaf03eea731673a830892a4d14cf05e7cfb3c676e1ca56a4c6f6a6e2ad0aef2cb51ae34749cb229e8cfb77fe7d0580a
-
SSDEEP
6144:8l7t7qzPBNXoFthUC9i5/978mwLv24+C7VHapy31W4E1TbNEC/Zi5fJo8/mb:8l148UC9i5y+Fb4EZN/S/mb
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 34e6497c935b6ad6f255be02740b3e68_JaffaCakes118
Files
-
34e6497c935b6ad6f255be02740b3e68_JaffaCakes118.exe windows:4 windows x86 arch:x86
c1677b92494019eab071555092e5a6b8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
GetModuleHandleW
CloseHandle
SetUnhandledExceptionFilter
DeleteCriticalSection
TerminateProcess
LeaveCriticalSection
GetLastError
Sleep
Sections
.text Size: 341KB - Virtual size: 340KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ