Static task
static1
Behavioral task
behavioral1
Sample
a6e2f3d4d44b28b5c5c0e6206dc36119_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
a6e2f3d4d44b28b5c5c0e6206dc36119_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
a6e2f3d4d44b28b5c5c0e6206dc36119_JaffaCakes118
-
Size
30KB
-
MD5
a6e2f3d4d44b28b5c5c0e6206dc36119
-
SHA1
a2849f999ebf749e389e921d6fbb902a7482dd82
-
SHA256
01cedde83f9bc78af9f12cc67b91d06020c300077e94c83cd22915e4c63b05f3
-
SHA512
d6fae23cfe0de47a5bcf2972617545f4a2902e0f0ea52bb1f9b83bad0031dd1580ddacfe7136403d70de231e35608f2745baf9624a32842b3a284dd201fcf427
-
SSDEEP
768:bsKzy6vSljKrFNhb/jYmLIA5Eghc8z6wvZLOGWhsNn:bsIywSljyiA5Eghc3eZFWh4
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a6e2f3d4d44b28b5c5c0e6206dc36119_JaffaCakes118
Files
-
a6e2f3d4d44b28b5c5c0e6206dc36119_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
nsp0 Size: - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
nsp1 Size: 29KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
xiaohui Size: 234B - Virtual size: 234B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ