Static task
static1
Behavioral task
behavioral1
Sample
5b832c443a4b136f813ec15c84ca0885_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
5b832c443a4b136f813ec15c84ca0885_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
5b832c443a4b136f813ec15c84ca0885_JaffaCakes118
-
Size
144KB
-
MD5
5b832c443a4b136f813ec15c84ca0885
-
SHA1
53a0d33816600b10c335d7758b0f11150d1db323
-
SHA256
3b9014ef5e9fdd097ce19ee561e58948baa383e2ae333a5cef51e54516612a40
-
SHA512
b81a9bf2c547fae34a2d365677b527eab52708d9be4bff04aea382e1efd9e23fe06bda6c1b86f3604bf721e87216e03018f33bb9c348245b19e7626612fd516e
-
SSDEEP
1536:c6yjDeKAEZoVM7liiW/XPndMn6ziRW3fkOMjcDDpNIAB+5evUjcx40K5ev:ct+Vcs/vTzQW3FHfpNzgevlx40mev
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5b832c443a4b136f813ec15c84ca0885_JaffaCakes118
Files
-
5b832c443a4b136f813ec15c84ca0885_JaffaCakes118.exe windows:4 windows x86 arch:x86
b4f421e66d156140103ac113155b1a12
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord696
MethCallEngine
ord628
EVENT_SINK_AddRef
DllFunctionCall
ord563
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord713
ord717
ProcCallEngine
ord644
ord100
Sections
.text Size: 136KB - Virtual size: 132KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ