Static task
static1
Behavioral task
behavioral1
Sample
54e6ad627941b2b84ce6dc809666526d_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
54e6ad627941b2b84ce6dc809666526d_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
54e6ad627941b2b84ce6dc809666526d_JaffaCakes118
-
Size
193KB
-
MD5
54e6ad627941b2b84ce6dc809666526d
-
SHA1
0090a434a6a26582741702e561b39660c3277f39
-
SHA256
1121bb6a0c81e9e93b9766edbaba91dc00f7b4d6e3f8a8b249447d80ff573762
-
SHA512
f264d40afd8a0029c601643c740906a5e05e3d525a569f6c9bed8380b7fd42d0dc8e0c29049b0f6102ee2f14ddc7f9c16436c1a6d9ca84c086e25b6fdcfd20fa
-
SSDEEP
3072:0Bxv3XPm6eESE0W7oUu+D96HM0XUGXU2Fo21364EoiJeeI+StSqYLj8MfseRd57/:0BxmFFWc1qnVW5GJZ2tNYLj8MfsGXu0
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 54e6ad627941b2b84ce6dc809666526d_JaffaCakes118
Files
-
54e6ad627941b2b84ce6dc809666526d_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 51KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 139KB - Virtual size: 360KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE