Static task
static1
Behavioral task
behavioral1
Sample
b189cb5395c8db32a9b409c86d34a356_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b189cb5395c8db32a9b409c86d34a356_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
b189cb5395c8db32a9b409c86d34a356_JaffaCakes118
-
Size
22KB
-
MD5
b189cb5395c8db32a9b409c86d34a356
-
SHA1
bd5b94cfb502bded40f8ece1455a5eef93502567
-
SHA256
d5ce5b81a5a9fcacdf8fbf208d89faa33529c5d04ca90a4ad2457be351a9aa6d
-
SHA512
cbcf2078f0ce068f57a02a93d9bc8141bd8e7d34abfb5e0b4b74b448ff2a3b118450dfdfac1dff70192fc9e30986472e4484b6190bd4ae0c888046bd33af45ff
-
SSDEEP
384:O9eIATMpEK31oIwWKukyRwIWACASMu+Gy+kb3UnRaT+DH+/NMQ:H2CK+7ZuTRUy+koaEH+lN
Malware Config
Signatures
-
Unsigned PE 1 IoCs
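Checks for a missing Authenticode signature. An unsigned PE is a weak indicator on its own, since many legitimate executables are unsigned; weigh it together with the other static findings in this report, such as the .flat section under Sections, which is flagged as code and is both writable and executable.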
resource b189cb5395c8db32a9b409c86d34a356_JaffaCakes118
Files
-
b189cb5395c8db32a9b409c86d34a356_JaffaCakes118.exe windows:4 windows x86 arch:x86
ea265e1fce9405dac4cbb1b5b8867377
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
_tell
_tzset
_umask
_rotl
_spawnl
_stat64
kernel32
GetNextVDMCommand
GetDriveTypeA
GetStdHandle
GetSystemInfo
GetVersion
GlobalAlloc
Sections
.flat Size: 9KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 2KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE