Static task
static1
Behavioral task
behavioral1
Sample
ad97598fa546bd98fd25e01557f96a5f_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
ad97598fa546bd98fd25e01557f96a5f_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
ad97598fa546bd98fd25e01557f96a5f_JaffaCakes118
-
Size
480KB
-
MD5
ad97598fa546bd98fd25e01557f96a5f
-
SHA1
2cd6bf61930d9611ebfb4b354dea0f95874e7931
-
SHA256
19efb0dee02e3920a188e623597ef9ba6bef610b91c3b32e88f8928de33d0fe0
-
SHA512
db9432f9aed861ac5f39f823a739535ef5cc1df07c2358c0069acd66239d0bb21bfb78a9d195d6086318c3294770e7e6301e58187adad02f43ae3de21a3bfc35
-
SSDEEP
384:TSifiQ2Gkn3frMXyZe4jzNcpyVcxgDvHbw5cQLQSpoLWULFmgevk8iIaLp7xiShk:ZfiQm3zoyDmDAMHI0wsl091Wgq5B
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ad97598fa546bd98fd25e01557f96a5f_JaffaCakes118
Files
-
ad97598fa546bd98fd25e01557f96a5f_JaffaCakes118.exe windows:4 windows x86 arch:x86
2c3875cd385a2a20d39732155214965f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord690
ord696
MethCallEngine
ord516
ord628
ord665
ord593
ord300
ord594
ord595
ord599
ord306
ord631
ord525
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
ord644
ord537
ord645
ord648
ord571
ord100
ord689
ord616
ord581
Sections
.text Size: 472KB - Virtual size: 471KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ