Static task
static1
Behavioral task
behavioral1
Sample
97c790f8cbdb4a33127e61f3af649eb7_JaffaCakes118.exe
Resource
win7-20240704-en
General
-
Target
97c790f8cbdb4a33127e61f3af649eb7_JaffaCakes118
-
Size
475KB
-
MD5
97c790f8cbdb4a33127e61f3af649eb7
-
SHA1
0f1d9bb9ddf435cfc60621661ddf09fd97e31eaa
-
SHA256
42ae665a6d761270e7440463f23c2828fe59843387e8d5eaad4007b049239eb9
-
SHA512
e2093d1ced5f49c78418cf463ef979ec08553cf1ff2c919c5730da5d4c1ac982e2073a61585e8bd04b218bba5107e073eb1b5e8321e17b56ac11d83e917ba98a
-
SSDEEP
12288:xBpMQxDbJQ8HGxil3L62lDU2ywRZ4HY98P:DyshNHGxe22yiZCR
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 97c790f8cbdb4a33127e61f3af649eb7_JaffaCakes118
Files
-
97c790f8cbdb4a33127e61f3af649eb7_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.scpack Size: - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 396KB - Virtual size: 396KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 77KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ