Static task
static1
Behavioral task
behavioral1
Sample
8e56538832f05f1927862ccc9856ea85_JaffaCakes118.exe
Resource
win7-20240729-en
General
-
Target
8e56538832f05f1927862ccc9856ea85_JaffaCakes118
-
Size
322KB
-
MD5
8e56538832f05f1927862ccc9856ea85
-
SHA1
782f76b0c7a8cd09264890cbae8523b064be63e2
-
SHA256
97b380d05023ff3e1eaff5ebdd384765a13f58d6a1156a9f2fb5290c93c286c1
-
SHA512
1e27c7b1bbde0e4f9433e1588f49f4439c1cbdb5fe1374acaf06351f5ee23766d8b4b842012a40f2fa7be247dced4a66937c3f45a4b5bbe447567504f917186b
-
SSDEEP
6144:prxl0VYXSQDpeASb/OjbwHgOYb3wqy2eovdoLME/FMFZJ:pwqX5EX0cAHb3wqy1gOLME/FM
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8e56538832f05f1927862ccc9856ea85_JaffaCakes118
Files
-
8e56538832f05f1927862ccc9856ea85_JaffaCakes118.exe windows:1 windows x86 arch:x86
dbbceac39f5975d959814fd9c7244aa5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetWindowsDirectoryA
lstrcatA
_lcreat
_lwrite
_lclose
ExitProcess
shell32
ShellExecuteA
Sections
.text Size: 321KB - Virtual size: 320KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.import Size: 512B - Virtual size: 254B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE