Static task: static1
Behavioral task: behavioral1
Sample: 7158856df3d3b6123f6dd214ff7ac91f_JaffaCakes118.exe
Resource: win7-20240705-en
General
Target: 7158856df3d3b6123f6dd214ff7ac91f_JaffaCakes118
Size: 104KB
MD5: 7158856df3d3b6123f6dd214ff7ac91f
SHA1: 3f6843cc100942842d8564de7c69635718faad0c
SHA256: b76a2699e4e79dd0da94ccb1a3f793cece0da8daaa122c052e1a706cac5f8a6f
SHA512: cdf48ef8e5c1577b85e31046538c4780c275840a85918324203ecf4ebfc8f590b03ac792a6e9b4f31bf2decf15a0e4d70d59d98e7bca1e86d51cbb333eb2c56e
SSDEEP: 3072:9gIpT1t2YXm8XdstQculie6qbcU5jwaaHw7Koj4ro:aIx1dX3XCt2bB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7158856df3d3b6123f6dd214ff7ac91f_JaffaCakes118
Files
7158856df3d3b6123f6dd214ff7ac91f_JaffaCakes118.exe windows:65535 windows x86 arch:x86
7f83156dc40554469897eab384394be2
Headers
File Characteristics:
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
kernel32:
  GetProcAddress
  LoadLibraryA
  CreateFileA
  VirtualProtect
  GlobalAlloc
  VirtualAlloc
  GetDateFormatA
msvcrt:
  _except_handler3
  __set_app_type
  __p__fmode
  _adjust_fdiv
  _initterm
  __p__commode
  __setusermatherr
Sections
.text Size: 60KB - Virtual size: 188KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.data Size: 5KB - Virtual size: 8KB
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.rsr1 Size: 28KB - Virtual size: 28KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE