Static task
static1
Behavioral task
behavioral1
Sample
3573debe7d998f37bace27159b8eb0dd_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
3573debe7d998f37bace27159b8eb0dd_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
3573debe7d998f37bace27159b8eb0dd_JaffaCakes118
-
Size
74KB
-
MD5
3573debe7d998f37bace27159b8eb0dd
-
SHA1
530a36307458a45f4908c8c05b7457c017ff07b3
-
SHA256
1973191748f12ca24cbe8846b427bc1ff88277f68fb07d8e02bd74a676c7286c
-
SHA512
958266e947d475fd2a1aa2c5011abd7361f92d3e78d4f46664d806ec004a21f9d8a3a9a0df189956e67c801bf5b77152d5d8326f6f41d22e670035c8891edf21
-
SSDEEP
1536:CsNoYO4GeRRqjTdSCtZ32c3IAxViyTfw3+cq5LlNS5:9vGaKdSCtzYOlw3+955E
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3573debe7d998f37bace27159b8eb0dd_JaffaCakes118
Files
-
3573debe7d998f37bace27159b8eb0dd_JaffaCakes118.exe windows:4 windows x86 arch:x86
09d0478591d4f788cb3e5ea416c25237
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
Sections
.text Size: 69KB - Virtual size: 288KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE