Static task
static1
Behavioral task
behavioral1
Sample
679539493a3a4b5d17c704e96ff004f6_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
679539493a3a4b5d17c704e96ff004f6_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
679539493a3a4b5d17c704e96ff004f6_JaffaCakes118
-
Size
48KB
-
MD5
679539493a3a4b5d17c704e96ff004f6
-
SHA1
ee4cbb6480430ad30d3f72217c728bdcc7f63f3c
-
SHA256
1103eecf7d4d08083a1e260a485c21c413883a3ddae2ec9cecc55d3d562d26b1
-
SHA512
e9d63b40c3a3142a3ac37e4a287ee3927d504caad06e27386e682e269eddb86fcd0b02cd8cabd8b44171c83d958a3be4e8a81e500d682a591aaf97bdd6f7d313
-
SSDEEP
768:I7GH0YMEp65XzlkaWh3rCQIxw72RY6sIzVZkX4QRj7ZOdlxxHfNV8ea:gBmrNIS71IzVw7ZMlXNV8j
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 679539493a3a4b5d17c704e96ff004f6_JaffaCakes118
Files
-
679539493a3a4b5d17c704e96ff004f6_JaffaCakes118.exe windows:4 windows x86 arch:x86
fc9d138c04019f824893df42d4c131de
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
BindIoCompletionCallback
CreateProcessW
GetPriorityClass
_lwrite
InitAtomTable
CopyFileW
HeapUnlock
GetDllDirectoryW
CheckNameLegalDOS8Dot3A
DnsHostnameToComputerNameW
VirtualFreeEx
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 64KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE