Static task
static1
Behavioral task
behavioral1
Sample
3ceadc0d1932df0e251a5d4edb472969_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
3ceadc0d1932df0e251a5d4edb472969_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
3ceadc0d1932df0e251a5d4edb472969_JaffaCakes118
Size
164KB
MD5
3ceadc0d1932df0e251a5d4edb472969
SHA1
291bdd1a2de2770db4ae4a8f2e347edb66a1a20f
SHA256
07203daf222718c7f269bc49a710028e16b705ef8f2a30082945dabd4ea7873a
SHA512
50fd3d923cf660f78d9575a8b0f72fd5b38ff08979592c01aecc585d1b85edb75427cd3df71cfd51387e72cbee5e33466dbed55d4529c280b776983128126e3e
SSDEEP
3072:8tfIjNWH/6P1R4qOwEvIXgTeaVmpJ6G5RkgO7waOU/ipdN:8ZIBa/6PTOzAQTeaVC3/4wE4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3ceadc0d1932df0e251a5d4edb472969_JaffaCakes118
Files
3ceadc0d1932df0e251a5d4edb472969_JaffaCakes118.exe windows:5 windows x86 arch:x86
6b28f93d550fb1ac649e6ed191ea3196
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileA
OpenProcess
DeleteFileW
lstrlenW
GetCurrentProcess
VirtualAlloc
RtlMoveMemory
VirtualFree
user32
CharNextA
GetDesktopWindow
Sections
.text Size: 1024B - Virtual size: 647B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Pmudiq A Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 62KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ