Static task
static1
Behavioral task
behavioral1
Sample
5f0746939c53c846fca247652b71e778_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
5f0746939c53c846fca247652b71e778_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
5f0746939c53c846fca247652b71e778_JaffaCakes118
-
Size
84KB
-
MD5
5f0746939c53c846fca247652b71e778
-
SHA1
92dc013756602179cbedc4de51e748e958c080a8
-
SHA256
9c5c5a1a6de8153ee09af90bd2da6f5a8af5626a6acce7da57a90f57db3fb1fc
-
SHA512
0607bfaa1377323366999e09d8b8ba2b418bdf0a7de98073638e4ec34cc5dc717367c20234dce7f27ab58836284188c7ac967b42a91a04aba979cf4f69c296d9
-
SSDEEP
1536:EHCi7jWDvdR+22LDXPaM1nG9QTCS7gXqk75jjvk6dsVdhct:ubjWZ/21Gxoa/5jArVXct
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5f0746939c53c846fca247652b71e778_JaffaCakes118
Files
-
5f0746939c53c846fca247652b71e778_JaffaCakes118.exe windows:5 windows x86 arch:x86
6dcee656bff9b8ea94e2f982b96be403
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
_XcptFilter
_acmdln
strchr
_initterm
_exit
exit
_except_handler3
_adjust_fdiv
free
__p__fmode
strcmp
fwrite
fclose
__getmainargs
__setusermatherr
malloc
abort
fopen
cos
__p__commode
kernel32
VirtualProtect
GetModuleHandleW
GetStartupInfoA
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 580B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 75KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ