Static task: static1
Behavioral task: behavioral1
Sample: 9491709630b34d61103c54295e85a929_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 9491709630b34d61103c54295e85a929_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 9491709630b34d61103c54295e85a929_JaffaCakes118
Size: 21KB
MD5: 9491709630b34d61103c54295e85a929
SHA1: 9234c27519d27a5c4e470516075a07291c5a39ed
SHA256: 41060df25d409169951bcbb34bf23e6f4c8a09e12a1fe0b2a8cecb6165b87c73
SHA512: f616b229f771e3dbe6644e8907b5ba1ef4d43710d94ac7392d26e5ee3ae27e6b8cba1a47257082cec5c47c1d7da1574c2b37121f78038146e8eac10cf880f746
SSDEEP: 384:RUn5hKfneUVhcjWS4mWuGODbOin+Ppez7zRDgDzi38zz4gv5V16k:Sh4eUVRKbOY+MX2zk8vfVw
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 9491709630b34d61103c54295e85a929_JaffaCakes118
Files
9491709630b34d61103c54295e85a929_JaffaCakes118.exe windows:4 windows x86 arch:x86
00a74eef46fa4706e03ad6a74c612b6b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntdll
NtSetInformationObject
NtAllocateVirtualMemory
RtlAddAccessAllowedObjectAce
RtlAdjustPrivilege
rtutils
TraceDumpExA
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 260B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE