Static task
static1
Behavioral task
behavioral1
Sample
aeef79b317090b18459903326d33911e_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
aeef79b317090b18459903326d33911e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
aeef79b317090b18459903326d33911e_JaffaCakes118
-
Size
506KB
-
MD5
aeef79b317090b18459903326d33911e
-
SHA1
7818ced07bc956bbb86e5c73c4c432d90b621853
-
SHA256
5fd5ecdc2879757733bf9e9d5c24e64b68d303e7ef740af2f5deaa69da839e24
-
SHA512
20b7e53da6e0735f41fb6e0fc0d4bf6f44f7927af6ac78d23a4a8ddae493a887c29a5c66e686ced7a9ecf058244218d30f191daa734ceb09846ee84b56079a99
-
SSDEEP
12288:2dN/7I9jM2GYWZynq4JSsRggVEhy3NaEYo:Wp7ISxynqjYvEI3Nbb
Malware Config
Signatures
-
AutoIT Executable 1 IoCs
AutoIT scripts compiled to PE executables.
resource yara_rule sample autoit_exe -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource aeef79b317090b18459903326d33911e_JaffaCakes118
Files
-
aeef79b317090b18459903326d33911e_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 391KB - Virtual size: 391KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 33KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ