Static task
static1
Behavioral task
behavioral1
Sample
5ba5d78961bb32a63b1993b2c3c22257_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
5ba5d78961bb32a63b1993b2c3c22257_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
5ba5d78961bb32a63b1993b2c3c22257_JaffaCakes118
-
Size
450KB
-
MD5
5ba5d78961bb32a63b1993b2c3c22257
-
SHA1
0e5bcdc1a8ccd7c6906a5178419a68b76dc54504
-
SHA256
ebef4a268dfab49a8692aa813853ebe04951cf1f45f94091800ef1f990fcd6df
-
SHA512
ff491a7694213718a4666bc15b53275ad4442325d6dec38caa31dfc69030803a32090f51752f31234e8512510aa4dee31d0990834b86fb4b9f3f6d99c47b9b05
-
SSDEEP
6144:CRHm2k9Iv2kGXevaiWdiRM3LxGofJvxZjBHif+B8TToUkbii2f9DhHW6L3RT1DW3:M+YvO0RMbxGo7FBJB8nkbmfJF1iXcYh
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5ba5d78961bb32a63b1993b2c3c22257_JaffaCakes118
Files
-
5ba5d78961bb32a63b1993b2c3c22257_JaffaCakes118.exe windows:4 windows x86 arch:x86
09d0478591d4f788cb3e5ea416c25237
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
Sections
.text Size: 441KB - Virtual size: 504KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE