Static task
static1
Behavioral task
behavioral1
Sample
b6081cdd4b62d6c4e78c8e5b97edaafe_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
b6081cdd4b62d6c4e78c8e5b97edaafe_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
b6081cdd4b62d6c4e78c8e5b97edaafe_JaffaCakes118
-
Size
3KB
-
MD5
b6081cdd4b62d6c4e78c8e5b97edaafe
-
SHA1
8915ff291f618e17292f396097fe2fe532c549c8
-
SHA256
48d3a82f5cacac6c6045c97424aea13a9127a59245b0fb201f96149f8259f78d
-
SHA512
09fb23569b66a96e8852f535a54b4c2c22512600e641278b5a740886fc1aa905f0e8c6ddc8b7e4a2a7e7ebda5f3951166de71914c9d4f4de407f799bd6162d40
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b6081cdd4b62d6c4e78c8e5b97edaafe_JaffaCakes118
Files
-
b6081cdd4b62d6c4e78c8e5b97edaafe_JaffaCakes118.exe windows:4 windows x86 arch:x86
9c2c73f97fd9d524344b9c7c8f179972
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
CreateEventA
CreateFileA
CreateProcessA
ExitProcess
GetFileSize
GetProcAddress
GetSystemDefaultLCID
GetTempFileNameA
GetTempPathA
LoadLibraryA
OpenEventA
ReadFile
RtlFillMemory
VirtualAlloc
VirtualFree
lstrcatA
Sections
.text Size: 1024B - Virtual size: 864B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 466B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 289B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE