Static task: static1
Behavioral task: behavioral1
Sample: 5bd61a957080d1575f036df500eeda0a_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 5bd61a957080d1575f036df500eeda0a_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 5bd61a957080d1575f036df500eeda0a_JaffaCakes118
Size: 188KB
MD5: 5bd61a957080d1575f036df500eeda0a
SHA1: 1a10385e701709a3ba9184bbb331e3818cbd6f07
SHA256: 2a3649f47384a991f3a372e4d0897334536b38a09f96a7066b7f631487575a49
SHA512: fbea73ac281c3078e8b509887732dfa26412e42506156acf3472d8a09cc8d75461bc39f1a6cd3b2677dd2895aebaeb4478b0675cd4d9b8166dc877e07f3a814d
SSDEEP: 3072:+l5KShIajeY7+K8m3QhGghhOPfB2OHBPDQH6pfzjwqLpq6+bzmn66gspVfP6ty11:+lL7+u3QhGghhOPJ2OhPDQH6pLjwqLps
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5bd61a957080d1575f036df500eeda0a_JaffaCakes118
Files
5bd61a957080d1575f036df500eeda0a_JaffaCakes118.exe windows:4 windows x86 arch:x86
8385412ea8d01b4d587b04019e72abb6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord584
ord585
ord587
MethCallEngine
ord666
ord593
ord300
ord301
ord595
ord598
ord306
ord520
ord307
ord631
ord632
ord526
EVENT_SINK_AddRef
ord528
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord713
ord608
ord716
ord717
ProcCallEngine
ord536
ord644
ord537
ord645
ord571
ord573
ord575
ord685
ord100
ord617
ord619
Sections
.text Size: 180KB - Virtual size: 176KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ