Static task
static1
Behavioral task
behavioral1
Sample
5e989ab1f466f9922cade3c3b1fc9590_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
5e989ab1f466f9922cade3c3b1fc9590_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
5e989ab1f466f9922cade3c3b1fc9590_JaffaCakes118
-
Size
148KB
-
MD5
5e989ab1f466f9922cade3c3b1fc9590
-
SHA1
a29b20609b8a103622fbea3da4605819401b4c07
-
SHA256
14477361cb00256d2dbd2a2aa7bb2b6834366c9954c765696e83558f24b99ce4
-
SHA512
717dd3bbd029c0a6e911a84695b3b4adfd78ef60aaee081b931424f0c4b09476b51aaadd4ace3274183bfd84615af8e6bf55628f349d378a3ed6f23cfef789bf
-
SSDEEP
1536:cS6kHfA6wKBZbryh0Vttv+7NAxvwawO90vjZR:PLI4t65vjv
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5e989ab1f466f9922cade3c3b1fc9590_JaffaCakes118
Files
-
5e989ab1f466f9922cade3c3b1fc9590_JaffaCakes118.exe windows:4 windows x86 arch:x86
5c098f0b772a35e7a903d5e721730966
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord690
ord696
MethCallEngine
ord516
ord628
ord593
ord594
ord598
ord709
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord713
ord717
ProcCallEngine
ord644
ord645
ord648
ord571
ord100
ord689
ord617
Sections
.text Size: 140KB - Virtual size: 136KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ