Static task
static1
Behavioral task
behavioral1
Sample
8c5b484e0492d24c47c2f60ce064459e_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
8c5b484e0492d24c47c2f60ce064459e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
8c5b484e0492d24c47c2f60ce064459e_JaffaCakes118
-
Size
16KB
-
MD5
8c5b484e0492d24c47c2f60ce064459e
-
SHA1
87e025d7dea41ed64354c4aaa67681b2ec0dd2d9
-
SHA256
9650b1304b5123e677d51d9bfcbee2d58d4b957fae7592e6c4858d3c8c4c21be
-
SHA512
f64f6cea64fc7541f832b85c96aba40947c60468a4dbbb2d8697cbcb3906470d6b0c08accc31e4e65687367128381b9c5ea46a5b35f3a931c666b58d14abfbc1
-
SSDEEP
384:9t4Lcg/qbxFGoigLQ+lumobXo7wGZipCtp:9t1fbhTebYg
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8c5b484e0492d24c47c2f60ce064459e_JaffaCakes118
Files
-
8c5b484e0492d24c47c2f60ce064459e_JaffaCakes118.exe windows:5 windows x86 arch:x86
130819b265d35e86ec8e1621641c17cf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
advapi32
RegOpenKeyA
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 490B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 920B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data2 Size: 512B - Virtual size: 200B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ