Static task
static1
Behavioral task
behavioral1
Sample
756d916c3ef82863112dbc686d981d66_JaffaCakes118.exe
Resource
win7-20240705-en
General
Target: 756d916c3ef82863112dbc686d981d66_JaffaCakes118
Size: 2.1MB
MD5: 756d916c3ef82863112dbc686d981d66
SHA1: c94763e011dc60ded75042d69e9874cb24423771
SHA256: 3cb8d1cb600b54ebffb4bd34b1544d786ed4057c3bebcafe65243c0d303c3c26
SHA512: e37224d642a55f0ab26a709b5553e3abdb5364570036ad781fddaf1de7594e0e59dc2a95b432c8df2137856eceb36d3208309c837c218b6d097eec26c1525e23
SSDEEP: 49152:Y/Dgf3D/xyemc3kTe1tYcJ/3sX/Re5w/HyhYCCraGx:YbgrJyemc3l1icJfsX/Rr/Ysl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 756d916c3ef82863112dbc686d981d66_JaffaCakes118
Files
756d916c3ef82863112dbc686d981d66_JaffaCakes118.exe windows:4 windows x86 arch:x86
09d0478591d4f788cb3e5ea416c25237
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
Sections
.text Size: 89KB - Virtual size: 236KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 211KB - Virtual size: 210KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE