Static task
static1
Behavioral task
behavioral1
Sample
5fd5470488e9bf7eb56a52607bf1c49e_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
5fd5470488e9bf7eb56a52607bf1c49e_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
5fd5470488e9bf7eb56a52607bf1c49e_JaffaCakes118
-
Size
66KB
-
MD5
5fd5470488e9bf7eb56a52607bf1c49e
-
SHA1
69ce9d99555a167e6b58dbe1eaf6ae957330826c
-
SHA256
d0f9772b8ab725f9b0e225511e13fa0909e5d8b6d391b2a3ee8bf1af1dea798d
-
SHA512
3556800fc176c32e3b2ac45c2cc81461d88b84f008e25db1a597fe4736583d49a320d45a5f4ea0eb18daf7ba85b4ab2313c9d1467041a4dffe7dde14130e2232
-
SSDEEP
1536:64KVB3o0SN5qbLVE9nfhfSd+enfD7KOB1a2FXOVFvs3MPPgh5hiF2:65XYZHcQZ6d+Y3DBzeFU3QIh5hI2
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5fd5470488e9bf7eb56a52607bf1c49e_JaffaCakes118
Files
-
5fd5470488e9bf7eb56a52607bf1c49e_JaffaCakes118.exe windows:4 windows x86 arch:x86
a36da1dfe07814a4c2ecd1f574b2f064
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpyn
GetNumberFormatW
GetAtomNameW
GetCurrentProcessId
GetTickCount
_lread
TlsFree
Process32NextW
GetSystemDefaultLangID
OpenFile
ZombifyActCtx
TzSpecificLocalTimeToSystemTime
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
rdata Size: - Virtual size: 64KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE