Static task
static1
Behavioral task
behavioral1
Sample
66d22ae5f18e419e481fac3782e81275_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
66d22ae5f18e419e481fac3782e81275_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
66d22ae5f18e419e481fac3782e81275_JaffaCakes118
-
Size
622KB
-
MD5
66d22ae5f18e419e481fac3782e81275
-
SHA1
fa77e46fb93d0066e2e90ba636ec08b065241409
-
SHA256
3b0c11dfe24abd62e77954f66e3187eb84dea44cae9ae269b5403da6bfea9ab2
-
SHA512
c61e4389f4a5787da257f4982dec2020be33cad9bc324e53f3eec2173d1426677ae1b03f83125b576f37e78bade8cc97f331bff145823270792c00aa83b00f21
-
SSDEEP
6144:0putRkQsfiV1EBv/VVNa1msyuP06HK74o1e9UjjEW5ls6UFC3Ig/sqvGfqX+wYK2:Lt+fi4vNVAEuhHy4ocnOscYpeFenC3Q
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 66d22ae5f18e419e481fac3782e81275_JaffaCakes118
Files
-
66d22ae5f18e419e481fac3782e81275_JaffaCakes118.exe windows:4 windows x86 arch:x86
09d0478591d4f788cb3e5ea416c25237
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
Sections
.text Size: 250KB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 371KB - Virtual size: 372KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE