Static task
static1
Behavioral task
behavioral1
Sample
649930750f614697fa1e17e007603c6d_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
649930750f614697fa1e17e007603c6d_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
649930750f614697fa1e17e007603c6d_JaffaCakes118
-
Size
643KB
-
MD5
649930750f614697fa1e17e007603c6d
-
SHA1
6fc21be06725ebb1bedf0d48a2ae91f1debebece
-
SHA256
c99d1b70a8f1ae0224e9f710a75d66098936f7a352670aa0bb2a10ee3415d8fc
-
SHA512
db844acdb11ca1989998c4342f42dd1594ed83c3b0d956f6256cdd2e664f3f64b20935b2830333b06395b4f25999a9d8a765d37e970789b79557615824fbb7d5
-
SSDEEP
12288:Z7MJe4vdTfCsrX8Cwt74khOUbKObQ3IhWu0/YbLIRZ3:Z7M/lfCMX85tXDHhf
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 649930750f614697fa1e17e007603c6d_JaffaCakes118
Files
-
649930750f614697fa1e17e007603c6d_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.code Size: 12KB - Virtual size: 124KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.DATA Size: 503KB - Virtual size: 504KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 426B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 125KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ