Static task
static1
Behavioral task
behavioral1
Sample
86dcdcaa508ac735a4716f7039219d2b_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
86dcdcaa508ac735a4716f7039219d2b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
86dcdcaa508ac735a4716f7039219d2b_JaffaCakes118
-
Size
9.5MB
-
MD5
86dcdcaa508ac735a4716f7039219d2b
-
SHA1
85350fa750b177d4bf8f224209c374c3eba61278
-
SHA256
dbf1a0efde3e41eafbd78a6a9e03a31ce5b773204ec5785eccd706384e221e02
-
SHA512
6824b566c6bdf11d36e1349bf5ed466d4780a0d5c8641b20924271c422f6c0bd23ec6a6fdccbd207f4334f449bcee0bace1d18c5394fa4aa7d63f59a43de7672
-
SSDEEP
196608:VzeA74ml1BBKjU0+KRn/gTfV3eesKNyS3DnSi9oxOd9LrJJbFRlkJ+QgHSwPQ:VqAt7UUGn/gXsKFznJhjB9FkM/HSwo
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 86dcdcaa508ac735a4716f7039219d2b_JaffaCakes118
Files
-
86dcdcaa508ac735a4716f7039219d2b_JaffaCakes118.exe windows:4 windows x86 arch:x86
a604c6ea79d5ea984febff3382a81f77
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteFileA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetCommandLineA
CloseHandle
UnmapViewOfFile
WriteFile
MapViewOfFile
CreateFileMappingA
GetTempFileNameA
GetTempPathA
CreateFileA
GetShortPathNameA
GetModuleFileNameA
user32
wsprintfA
Sections
.text Size: 1024B - Virtual size: 521B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 597B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 16.1MB - Virtual size: 16.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ