Static task
static1
Behavioral task
behavioral1
Sample
b71fa444a20d0b1441121582182616f8_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b71fa444a20d0b1441121582182616f8_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
b71fa444a20d0b1441121582182616f8_JaffaCakes118
-
Size
183KB
-
MD5
b71fa444a20d0b1441121582182616f8
-
SHA1
6767adcc32a50ae52481359434965b9631518a13
-
SHA256
5cf7124116d94cd9b1ac998204bc9a25976e121b9c67d1b6c1f54e500e6457a8
-
SHA512
dde6d3f482bac4c8f67c9924b84ab7ef3c2b0072622e2e27f4ae8934ffa7e32d316a7b8fbe9af2ecd3592bfab27050c469fdc182cb398adb9986bc44e940f36c
-
SSDEEP
3072:ZCa1ucBSmEsx6qlyuxbY7GyVicrbe+u4DOepav/47raY2kLlgZfYag:Ea1ucBS/sQGaX9uKOem/4vaY7aZw
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b71fa444a20d0b1441121582182616f8_JaffaCakes118
Files
-
b71fa444a20d0b1441121582182616f8_JaffaCakes118.exe windows:4 windows x86 arch:x86
09d0478591d4f788cb3e5ea416c25237
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
Sections
0 Size: 143KB - Virtual size: 728KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 39KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE