Static task
static1
Behavioral task
behavioral1
Sample
8604b880766eb66d1bdfd2d664a596d5_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
8604b880766eb66d1bdfd2d664a596d5_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
8604b880766eb66d1bdfd2d664a596d5_JaffaCakes118
-
Size
641KB
-
MD5
8604b880766eb66d1bdfd2d664a596d5
-
SHA1
5f90662e7ee3bfec450388d66bafc9a2e1ff6e9e
-
SHA256
85d046914572836a9b021268b59f4c52befb6699df4c01da84f0946a6e8b9522
-
SHA512
5ebbd0f09fc04ab754fb8ac91b5076d3b7d0239d3a8a2c9a7812922e2ed1283f753497cb8e2045281a08cf2d8c6a205645de202ce72d5fefad38ef6ae722ab65
-
SSDEEP
12288:EC0kw1hp69LT88bQsaTnYCfdhHNnnrO9/xe2bFevhTIDzpALGYOv:ECYS9fQsaXdhH9++epARO
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8604b880766eb66d1bdfd2d664a596d5_JaffaCakes118
Files
-
8604b880766eb66d1bdfd2d664a596d5_JaffaCakes118.exe windows:4 windows x86 arch:x86
09d0478591d4f788cb3e5ea416c25237
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
Sections
.text Size: 633KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE