Static task
static1
Behavioral task
behavioral1
Sample
9699eee29dda57e6083b100edfa66fe7_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
9699eee29dda57e6083b100edfa66fe7_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
9699eee29dda57e6083b100edfa66fe7_JaffaCakes118
-
Size
32KB
-
MD5
9699eee29dda57e6083b100edfa66fe7
-
SHA1
ed594c221d903e2385a88e566baa2b3be9a7d832
-
SHA256
03f24908023e0dd5ca8dad121a459550b1801712051bcd6654dd5b871abcee3e
-
SHA512
ec3b8294a2148dac10d6267bd58ea4f16e67e05fdbfe560fd5e99d9af94de4ea354cbae68f25b81b1c89656306aa7e3608401d408f43b81b20a0b004df5e0336
-
SSDEEP
384:TfRXdPTaX5xq+iMybaKCd4Lfxw7LNKv7ufNMEq42Z+9Y:NpbOfMu2E52Z+9
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9699eee29dda57e6083b100edfa66fe7_JaffaCakes118
Files
-
9699eee29dda57e6083b100edfa66fe7_JaffaCakes118.exe windows:4 windows x86 arch:x86
5db095dfc1721d74b230d08dedaa4667
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord558
ord666
ord595
ord598
ord632
EVENT_SINK_AddRef
ord529
DllFunctionCall
ord563
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord606
ord607
ord716
ProcCallEngine
ord537
ord645
ord578
ord100
ord579
ord616
Sections
.text Size: 24KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ