Static task
static1
Behavioral task
behavioral1
Sample
5b6944f7e477a0bc293c9b1f1492192d_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
5b6944f7e477a0bc293c9b1f1492192d_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
5b6944f7e477a0bc293c9b1f1492192d_JaffaCakes118
-
Size
211KB
-
MD5
5b6944f7e477a0bc293c9b1f1492192d
-
SHA1
641a7e8d6ce3400b7616861d89a4b93a886cf541
-
SHA256
041fbe8f722dda5ab2e920e24fdcea91e15a96722e9f03f9ca13b808c09a657e
-
SHA512
6fc5d8329eb6f805b338512c77538c2f951f91fc6001e64fd3300cf3c6c164d9fcfd5bc97f36ada8f83ab63d0ec95853969d70f617b8dd353f2fd740f0f6f28f
-
SSDEEP
6144:lPDUOq6nBvrPHGkfElJL2fVK7NQH5gmQL5S3LZbUlP:pv1BjGLnLqY6H5gmQQ3LZbUlP
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5b6944f7e477a0bc293c9b1f1492192d_JaffaCakes118
Files
-
5b6944f7e477a0bc293c9b1f1492192d_JaffaCakes118.exe windows:1 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
.text Size: 278KB - Virtual size: 278KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 736KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ