Static task
static1
Behavioral task
behavioral1
Sample
43821ad675ccb96324d1f6a16240b01d_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
43821ad675ccb96324d1f6a16240b01d_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
43821ad675ccb96324d1f6a16240b01d_JaffaCakes118
-
Size
36KB
-
MD5
43821ad675ccb96324d1f6a16240b01d
-
SHA1
02a04c2b3732a071b728d7e72f2092191d460cae
-
SHA256
f1d784f4dcdb6a063519778161ec8ee46d6227f958c52b93cf9a92c82d8ff1c8
-
SHA512
01723dd9005abd2691b334a1a90df887ed6d26c937c9f66d1f940ff7b161a029f2879565feb4f15683876b37cc216ff0f3c453c84c515a82997b817c7232746a
-
SSDEEP
384:bnKD+KDWTmG5zCVACEdeQm+KoedmWT3L2xMK59Xdv2L1yTTf6w83JHBu:NCGRUACEdTs5rL2nPTf61h
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 43821ad675ccb96324d1f6a16240b01d_JaffaCakes118
Files
-
43821ad675ccb96324d1f6a16240b01d_JaffaCakes118.exe windows:4 windows x86 arch:x86
4eedc55c67ce8667cfe3d753dcb4816c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
Imports
msvbvm60
MethCallEngine
ord516
ord595
ord709
ord631
ord525
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ProcCallEngine
ord537
ord570
ord648
ord685
ord100
ord616
ord618
Sections
.TEXT Size: 28KB - Virtual size: 25KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.DATA Size: - Virtual size: 3KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.r2rc Size: 4KB - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ