Static task: static1
Behavioral task: behavioral1
  Sample: 94b70f6b9dca7e08ff2a4f4dfce1b697_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 94b70f6b9dca7e08ff2a4f4dfce1b697_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: 94b70f6b9dca7e08ff2a4f4dfce1b697_JaffaCakes118
Size: 324KB
MD5: 94b70f6b9dca7e08ff2a4f4dfce1b697
SHA1: ab344d4f65a61966b54556c4ad0cbe3093b2e9e3
SHA256: d1de3763bf462b0a2ca972adceb0132bce19bd1d2f013f9869ded8feec1b9d62
SHA512: 0b833c16a8d769dc772660fd153dc3afa93c19359c16add64fe0a013669aec96e5307d609e12d8d6a5299a8854c8945793027aaf9f55697fedde6461d966fa1b
SSDEEP: 6144:deR5yjI0wwCdv1sOiaZgMs2StQco1MjJkZxJYAiciYKD1boS9I:u5h0wzdv//2MnR1MjCxJYGiYWboS9I
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 94b70f6b9dca7e08ff2a4f4dfce1b697_JaffaCakes118
Files
94b70f6b9dca7e08ff2a4f4dfce1b697_JaffaCakes118.exe windows:4 windows x86 arch:x86
49cf593d3858c6b4b026c208c9b4fcb2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord595
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord717
ProcCallEngine
ord644
ord645
ord570
ord648
ord572
ord685
ord100
Sections
.text Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 300KB - Virtual size: 298KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ