Static task
static1
Behavioral task
behavioral1
Sample
729e48bf2f40a750ff41f67fa56b550b_JaffaCakes118.exe
Resource
win7-20240705-en
General
-
Target
729e48bf2f40a750ff41f67fa56b550b_JaffaCakes118
-
Size
50KB
-
MD5
729e48bf2f40a750ff41f67fa56b550b
-
SHA1
c6756ad59ea442216b3e66309454588e56a42531
-
SHA256
6c55e6f97bf0bc0f747c41be0f4c24506565e70e4cd905bf6824045ddc8d09e5
-
SHA512
1ac108c6c98e1130c9811032b5d5bd485c3ca096470ce49ea5014fd3d0643be8855ad6c304a093e2845ac1ab9424e8d5f1eb3e964bfa4ecf9144a1e5ebcafb6f
-
SSDEEP
1536:834/PC7Ruz3hRXRASULZ6JKYdbzcmhCZnb:It7R8fU6n8b
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 729e48bf2f40a750ff41f67fa56b550b_JaffaCakes118
Files
-
729e48bf2f40a750ff41f67fa56b550b_JaffaCakes118.exe windows:5 windows x86 arch:x86
b892955ae494fe908bdf52e81e1dfa4c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect
user32
EndPaint
advapi32
RegCloseKey
shell32
ShellExecuteA
ws2_32
WSAStartup
iphlpapi
GetAdaptersAddresses
Sections
UIJDHTEY Size: - Virtual size: 152KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UIJDHTEY Size: 47KB - Virtual size: 48KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE