Static task
static1
Behavioral task
behavioral1
Sample
69c80f46768f499acf221361564493b0_JaffaCakes118.exe
Resource
win7-20240704-en
General
-
Target
69c80f46768f499acf221361564493b0_JaffaCakes118
-
Size
518KB
-
MD5
69c80f46768f499acf221361564493b0
-
SHA1
201f1823b6f876f4d6ef821d82111db11864f188
-
SHA256
e102e23226e5f0a582eabae99bbc62eb10e9f419ca9e398b2a83ada385d85679
-
SHA512
ee74f920766fc2dcf1ff7ff05166217af8201678830eb52aaf884d13d8133669dc86f867930fe237a9e2737ebdcdd92352f11543e421ccb009c7e1eaaf60f32b
-
SSDEEP
12288:YYesk0wZpO69lHyIiSxPmBUgDFrikROUo6NobRIE6LoCu5gVKvXpvq:YQ/w/O5S0BRDNw15gMv
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 69c80f46768f499acf221361564493b0_JaffaCakes118
Files
-
69c80f46768f499acf221361564493b0_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 516KB - Virtual size: 516KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 824B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ