Static task
static1
Behavioral task
behavioral1
Sample
78c9b682869d76a8062404267a04235b_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
78c9b682869d76a8062404267a04235b_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
78c9b682869d76a8062404267a04235b_JaffaCakes118
-
Size
128KB
-
MD5
78c9b682869d76a8062404267a04235b
-
SHA1
915ec61594b65e3399dae19174e085f7bb7d76ac
-
SHA256
ad81dc78e2a380b6c372755d851c785f1f656afad331d33f5d6898ad0a6691b5
-
SHA512
cb3fe9df4a99e4751dd7431b2fb8858c4e6be7de4158d6b231e3e70bfdde1c96a3afa7dc4fddd3f816b859717cb6c7b56d593c6498671dae6a125352581d37c8
-
SSDEEP
3072:RBUwv5yJ38ITNImM+69L+gPcOTam16m/Z6d0Bn6:Rek5yXdhgPcOR1P6T
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 78c9b682869d76a8062404267a04235b_JaffaCakes118
Files
-
78c9b682869d76a8062404267a04235b_JaffaCakes118.exe windows:4 windows x86 arch:x86
ba480ecaa359146769cdddc6840dd95b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LocalAlloc
GetFileType
GetProcAddress
GetVersion
LocalFree
CompareStringA
LoadLibraryA
user32
GetMessageA
TranslateMessage
CharPrevA
DispatchMessageA
CharNextA
advapi32
RegCloseKey
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 109KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ