Static task
static1
Behavioral task
behavioral1
Sample
3d626f1cb6fcef93c78255f860e36548_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
3d626f1cb6fcef93c78255f860e36548_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
3d626f1cb6fcef93c78255f860e36548_JaffaCakes118
-
Size
52KB
-
MD5
3d626f1cb6fcef93c78255f860e36548
-
SHA1
768c552dfc10eef79fe08dff6861c7286af885c9
-
SHA256
1bf3d139e1172fa6f9b49d800c748c5bd0bf5a433885ee272033d18dbd96546f
-
SHA512
5092726db168db3ac88bf39e2ca1f74eddfec62177324a9fe68b59527075f4790d1f377e92d3ae1c4aa3e7e56d2806dc244e10ad89537c25f3a723d490abe8be
-
SSDEEP
384:nV9EU+CadSX3+MXo9NkiCptf8gdJ+GkepS+kYCA5hfxx3do:V/OYXuMSkiCjf8FGoifxx3
Malware Config
Signatures
-
Unsigned PE 1 IoCs
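Checks for missing Authenticode signature. A missing signature is a weak indicator on its own, since many legitimate binaries are also unsigned; weigh it together with the results of the behavioral tasks.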
resource 3d626f1cb6fcef93c78255f860e36548_JaffaCakes118
Files
-
3d626f1cb6fcef93c78255f860e36548_JaffaCakes118.exe windows:1 windows x86 arch:x86
394a515fc93d8f0f904c9e8239703267
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameA
GetTempPathA
GetTickCount
RtlUnwind
crtdll
__GetMainArgs
atol
exit
fclose
fgets
fopen
fputs
fseek
ftell
getc
memmove
printf
putc
raise
rand
signal
sprintf
srand
strcat
strcmp
strcpy
strlen
strncpy
system
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 294KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 88B - Virtual size: 88B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 822B - Virtual size: 822B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 924B - Virtual size: 924B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE