Static task
static1
Behavioral task
behavioral1
Sample
7052e1c4390bd7585f9d297e9e5c1f8e_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
7052e1c4390bd7585f9d297e9e5c1f8e_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
7052e1c4390bd7585f9d297e9e5c1f8e_JaffaCakes118
-
Size
369KB
-
MD5
7052e1c4390bd7585f9d297e9e5c1f8e
-
SHA1
123518f763a54ab7cbc9dc3588b821bb23053995
-
SHA256
a45caa6ad2856d14add8ae981e4193bebdc507f4ab25c6a295e65c0390492c69
-
SHA512
0e067345f197b3c91bade0462a21652ada2e55a25305b82852e0c28adb2c5f19a782a84dd4da35bc84e405a2ef5abed69f23c8f9f8fb504e5654c49b0b9f83b7
-
SSDEEP
6144:XVj8MTdtZTSPs4JhEqJTd2kNjA8qUenmcSR0zKXUTFRgPvSCsDr3rtspevfHD:XV1tc/pdrqrSWdJRSHsDrGevPD
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7052e1c4390bd7585f9d297e9e5c1f8e_JaffaCakes118
Files
-
7052e1c4390bd7585f9d297e9e5c1f8e_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 106KB - Virtual size: 200KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 18KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 79KB - Virtual size: 152KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sdjedrf Size: 157KB - Virtual size: 160KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE