Static task
static1
Behavioral task
behavioral1
Sample
b466c6dda87e5c179c79f09c02a6ad7b_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b466c6dda87e5c179c79f09c02a6ad7b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
b466c6dda87e5c179c79f09c02a6ad7b_JaffaCakes118
-
Size
9KB
-
MD5
b466c6dda87e5c179c79f09c02a6ad7b
-
SHA1
e1cc6b9d9aa00e3e0d1f7b5762a85316086c6548
-
SHA256
de289116120b3e927a5a6951f50e9085933c4451bb4eac7435ccdbe509ed77a2
-
SHA512
be7a8de077d21c1c308b323dc70bf9c5a18bb990e752ace42d871afa95735d776a43c01f270b0099fce26f50004f85ea12612b954273f8f217b0c8363df20b3e
-
SSDEEP
6:idqGVg3F+X32QbVi/lLC2AuE4ERVwC8tDD7100QCFumxcq9EFmfzTw5BjSJ:etGSGQUtLC2AsSMncUE5Bj4
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b466c6dda87e5c179c79f09c02a6ad7b_JaffaCakes118
Files
-
b466c6dda87e5c179c79f09c02a6ad7b_JaffaCakes118.exe windows:4 windows x86 arch:x86
a20dd2ba66f09466c6b1c180c7a3e2f0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
ExitProcess
VirtualProtect
Sections
.text Size: 512B - Virtual size: 96B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 132B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE