Static task
static1
Behavioral task
behavioral1
Sample
adcc3e90a4417a9b4a9b3809a01bcdf1_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
adcc3e90a4417a9b4a9b3809a01bcdf1_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
adcc3e90a4417a9b4a9b3809a01bcdf1_JaffaCakes118
-
Size
168KB
-
MD5
adcc3e90a4417a9b4a9b3809a01bcdf1
-
SHA1
d3d4741cd561673ea41e8dc17a82a9815b22b982
-
SHA256
7f1faea545af4c4949669f596eee7ce8a895a01e23c39f7167c9d23109b0ee5b
-
SHA512
b20bb45d626f9b03724531bdf9393cf31350ad7d780ac37bff6d120ec9b145bebc1995205f85d4362e0fe1f3fd954fbc5582e022a6e4e84171c1b83d08137b44
-
SSDEEP
3072:BcDp+kcCZYWIrz6HLbukyhKPLST9m4En2elfSmCCx5RUOwHVfPKjxJon:Bop+TWIrMLbsiLST9DTeY/Ct7ofi
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource adcc3e90a4417a9b4a9b3809a01bcdf1_JaffaCakes118
Files
-
adcc3e90a4417a9b4a9b3809a01bcdf1_JaffaCakes118.exe windows:4 windows x86 arch:x86
4efc2d3e673738b5817f6cc5819957f6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MultiByteToWideChar
GetModuleHandleA
FlushInstructionCache
VirtualProtect
GetTickCount
GetLastError
GetProcAddress
LoadLibraryA
Sleep
LocalFree
LocalAlloc
VirtualProtect
user32
wsprintfA
Sections
Wrm3qF^% Size: - Virtual size: 123KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
FaLv=.Aw Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
=#Nm;/-" Size: - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
sV$Z_ :^ Size: - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
y7d/f#\v Size: 164KB - Virtual size: 161KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE