Static task: static1
Behavioral task: behavioral1 (Sample: 9455b673a1953a3ca51d26d2d2637df6_JaffaCakes118.exe, Resource: win7-20240708-en)
Behavioral task: behavioral2 (Sample: 9455b673a1953a3ca51d26d2d2637df6_JaffaCakes118.exe, Resource: win10v2004-20240802-en)
General
Target: 9455b673a1953a3ca51d26d2d2637df6_JaffaCakes118
Size: 128KB
MD5: 9455b673a1953a3ca51d26d2d2637df6
SHA1: fe6d864e97fac5c94e07a5b366c8f0d91be8b90e
SHA256: b2d55f08b83ccbbe3c3b6c57b70a85bb4e22ccc54c830bb9057d79efcae3a98b
SHA512: 95a8c6d2733811b7190e9232294af145d31e58e435082b1202c8b057c2efb8907a1c4edbdbdbe5c2b23327854e6def8d33de68f2874d062c05843fb066d164cc
SSDEEP: 3072:xpin237SkFMUfh2IVIhK1g9ETbHFoax/CjhS18ZCJ:xpJFqUfItha5Tbxx6jhS18ZC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9455b673a1953a3ca51d26d2d2637df6_JaffaCakes118
Files
9455b673a1953a3ca51d26d2d2637df6_JaffaCakes118.exe windows:4 windows x86 arch:x86
1c75073784981cee49d39c46ed7aafdb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetCommandLineA
GetProcAddress
VirtualAllocEx
GetModuleHandleW
GetOEMCP
LoadLibraryExA
lstrlenA
ExitProcess
GetModuleHandleA
IsBadReadPtr
GetACP
IsBadHugeReadPtr
GetCommandLineW
Sections
CODE Size: 108KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ