Static task
static1
Behavioral task
behavioral1
Sample
654a6fca68d81aff1cff12221bf0c078_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
654a6fca68d81aff1cff12221bf0c078_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
654a6fca68d81aff1cff12221bf0c078_JaffaCakes118
-
Size
113KB
-
MD5
654a6fca68d81aff1cff12221bf0c078
-
SHA1
2151e378209c2536825ce430c1580d8174d04cb0
-
SHA256
0c8232cd5bc67ee09f15796f643fbc614aadd19d672531c799a59a622084b775
-
SHA512
2cc2147e6e8d55a1acd99037e238f16326e0da3069ae746fb803bd9c1bd276e90552e6cf062a16121158d772020abd9710cddf3358fe945031f1787ebb93019c
-
SSDEEP
1536:5BF7spai1/nxOZJWIRAA6KSUDvEjoKvMFgBLwlUuqhlD/bKbK1vjPK5ff+qyV+85:5BF7spaKnxOZ7N/SKEjlFj18uq8+89
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 654a6fca68d81aff1cff12221bf0c078_JaffaCakes118
Files
-
654a6fca68d81aff1cff12221bf0c078_JaffaCakes118.exe windows:4 windows x86 arch:x86
105c7d06e555c0c3f1a515ec5739c018
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
SetLastError
VirtualFree
Sleep
ExitProcess
user32
CharNextA
winmm
timeSetEvent
comctl32
InitCommonControls
Sections
.text Size: 512B - Virtual size: 212B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 66KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ