Static task
static1
Behavioral task
behavioral1
Sample
5c81616e2f0e9c0f6b303611db8f4c64_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
5c81616e2f0e9c0f6b303611db8f4c64_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
5c81616e2f0e9c0f6b303611db8f4c64_JaffaCakes118
-
Size
1023KB
-
MD5
5c81616e2f0e9c0f6b303611db8f4c64
-
SHA1
c678e3d8429c4afcf24e20d3e8b3cfce5ce1a6cd
-
SHA256
227e0ca601837851c181bd3019c676eb3bd3730568e6262ee625132fff7e16ca
-
SHA512
3563d183a037d939a704a2d5c26364bcb3f9c7f503df9564f3e538aa31a148b50462d51a5e89998cfb496b92adc13db223e0b204f8dda06b5aaf5fdda0c88f06
-
SSDEEP
12288:kFvjWaX0wPSiITt6XzgbngiDWrSVjxuWwzadJtExvaWOiTI7oGBg86PsYO8VZJ4q:IqKpI6GDWrUjxKaEaMCbKZMg8sboFi
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5c81616e2f0e9c0f6b303611db8f4c64_JaffaCakes118
Files
-
5c81616e2f0e9c0f6b303611db8f4c64_JaffaCakes118.exe windows:4 windows x86 arch:x86
87bed5a7cba00c7e1f4015f1bdae2183
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
Sections
.nos Size: - Virtual size: 240KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 86KB - Virtual size: 85KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ