Static task
static1
Behavioral task
behavioral1
Sample
ab65f584c08d632869271ac5ae454c73_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
ab65f584c08d632869271ac5ae454c73_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
ab65f584c08d632869271ac5ae454c73_JaffaCakes118
-
Size
4.4MB
-
MD5
ab65f584c08d632869271ac5ae454c73
-
SHA1
c89286f8a90527aee0e7806a6b8cf403b9debe11
-
SHA256
546deefa6d524b5b51ea86d6ef502be22bc25bb2f0812ca0ea4c8616cb29642c
-
SHA512
0568e6fc46fbadf69d7995d218887c359f17b0aa20f25bf1e71c8e27978c8a9fbcb16d9fa362ab08efbd6e67d8a7933f78fc7a6b984af3997faf12a2ff0366cb
-
SSDEEP
24576:qRkLxFgjON607fJuJa8vjil3tTRcM3kMpii+vT8R71N6JLj6Gcvs:qCFgi67aW+wMsvvQR71NBDv
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ab65f584c08d632869271ac5ae454c73_JaffaCakes118
Files
-
ab65f584c08d632869271ac5ae454c73_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 832KB - Virtual size: 832KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: - Virtual size: 16B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 63KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 3.5MB - Virtual size: 3.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ