Static task
static1
Behavioral task
behavioral1
Sample
856bb646fa8ecb5edede827416b2e4d3_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
856bb646fa8ecb5edede827416b2e4d3_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
856bb646fa8ecb5edede827416b2e4d3_JaffaCakes118
-
Size
32KB
-
MD5
856bb646fa8ecb5edede827416b2e4d3
-
SHA1
e2a6c6f637bd51aaabc823f419a744b74b8d275f
-
SHA256
75f1a86c6a812660990204cde713d903f72ec60efdbbd64bfe2f0251d1c0cb89
-
SHA512
76b0732be965f2a1b9bd9a56b3347fff352c12412e34ace3ee54bd869e8c28083e85ac9c71640c8f88a5eb391495e6db97362a32cf361f90f072d01af6d328c2
-
SSDEEP
768:BFb2qiam03+Xf5/c37v0FRDi9+sgw2y0NYc3/GbYFyhXFHQ0h3:BFbIP0345/cz0DiG5y4YcvGuyhXFw0h3
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 856bb646fa8ecb5edede827416b2e4d3_JaffaCakes118
Files
-
856bb646fa8ecb5edede827416b2e4d3_JaffaCakes118.exe windows:5 windows x86 arch:x86
84aa944ca0966af591b50c6b848ea195
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
ExitProcess
VirtualProtect
Sections
.wjyx Size: 26KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.til Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.doj Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.b Size: 512B - Virtual size: 48KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE