Static task
static1
Behavioral task
behavioral1
Sample
ae82368a2a2a029b1f0b62ef5aa9755d_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
ae82368a2a2a029b1f0b62ef5aa9755d_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
ae82368a2a2a029b1f0b62ef5aa9755d_JaffaCakes118
-
Size
65KB
-
MD5
ae82368a2a2a029b1f0b62ef5aa9755d
-
SHA1
3cf29c25e9aceccb8d222d5d4e9bbd6d19c2e6c1
-
SHA256
4ae1f6a88e4a79631fc7b17dee34fd71d170ec3b9b25f171a2128f04c6a78e38
-
SHA512
75a45d502d9e30d4121755b30ce6a0ab9f5b4090e65e37ebe42e491244dfa2f224622c6e9ce2a4839c7e075c732fc01606be81e233872ae35762f20d4d346121
-
SSDEEP
1536:OstKHAjD5VAY8WZhts2RZN/6zZDs62kcH7Jg:OsKHAjDWCt3RPSzRsfkcH7C
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ae82368a2a2a029b1f0b62ef5aa9755d_JaffaCakes118
Files
-
ae82368a2a2a029b1f0b62ef5aa9755d_JaffaCakes118.exe windows:4 windows x86 arch:x86
5d0da584648aa3f010e48fcbadcc9991
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
InitCommonControlsEx
kernel32
GetProcAddress
VirtualProtect
VirtualFree
LoadLibraryA
VirtualAlloc
advapi32
QueryServiceConfigA
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 330B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 58KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ