Static task
static1
Behavioral task
behavioral1
Sample
54d36d7af43725550fdd099ea1efd443_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
54d36d7af43725550fdd099ea1efd443_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
54d36d7af43725550fdd099ea1efd443_JaffaCakes118
-
Size
249KB
-
MD5
54d36d7af43725550fdd099ea1efd443
-
SHA1
4fb5178727a10fe58bdfbf1c3628e3a9e1c69d9a
-
SHA256
e1b5864fad55155ea7d5f2cce750927ed1c027a675e775a9a67db8c0d3b50da8
-
SHA512
d8406d336352ebe9c6f4ecbb829386a3f716beb81890696c2a144b879cd3cbeafad3811d3b0564b98497434f2c16309a4c2059ad6ad3d3ec8aca1011d8367d7f
-
SSDEEP
6144:85r1lTtmuoca6EBp27UMTqGC+xZQ5p7IN:OzTtmuoca6cp4ql+Sp
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 54d36d7af43725550fdd099ea1efd443_JaffaCakes118
Files
-
54d36d7af43725550fdd099ea1efd443_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.sdata Size: 512B - Virtual size: 171B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 207KB - Virtual size: 206KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ