Static task
static1
Behavioral task
behavioral1
Sample
412e8e942c7d8134e13d83ce8f343128_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
412e8e942c7d8134e13d83ce8f343128_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
412e8e942c7d8134e13d83ce8f343128_JaffaCakes118
-
Size
70KB
-
MD5
412e8e942c7d8134e13d83ce8f343128
-
SHA1
88be1c08ef887177ca2fce5bd0c01c1d939e4932
-
SHA256
d3852993110366db420168cc2a916c33db618f637fe294907681576e7deb1db8
-
SHA512
dce818dd9d3f1130324a82b382ff05b7d2597fe7652ad5308f700b98af308f0348c80633eb5b79ba2fd30072287a73455107b74cb315a3202ecadfe9faa9e89d
-
SSDEEP
768:SiDEULDtqZ4LGAsiIw8cn5ODBrDquXQ+xslIYsol7d1P1WNTsxNMDnqN:S2DVQ1dw8E5ODZquXQ+C7J10NTsxMqN
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 412e8e942c7d8134e13d83ce8f343128_JaffaCakes118
Files
-
412e8e942c7d8134e13d83ce8f343128_JaffaCakes118.exe windows:4 windows x86 arch:x86
c8f468f0ff692b97e5d3e75acb48062b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
VirtualProtect
Sleep
SleepEx
GetProcAddress
LoadLibraryA
GetTickCount
CreateFileA
WriteFile
ReadFile
GetModuleHandleA
VirtualProtect
Sleep
SleepEx
GetProcAddress
LoadLibraryA
GetTickCount
CreateFileA
WriteFile
ReadFile
Sections
.text Size: 69KB - Virtual size: 72KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE