Static task
static1
Behavioral task
behavioral1
Sample
b772b00c5d19b2cd12a7d75e819d1a85_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
b772b00c5d19b2cd12a7d75e819d1a85_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
b772b00c5d19b2cd12a7d75e819d1a85_JaffaCakes118
-
Size
396KB
-
MD5
b772b00c5d19b2cd12a7d75e819d1a85
-
SHA1
5676cc6a4484a94dd16889bb9cb5decb10b14077
-
SHA256
37a29cd25d2652e75003a11366bad9263f2777a7118b447a6f2f31cb57cba0ef
-
SHA512
badfa07d0910cb2d689149819d8cbf12ecc2222c8850f2a629565239d42408abaa1beb0b177794826b2b6c25ee0ce541bdf8e707678c0c13a43e007b7e953ef8
-
SSDEEP
3072:ScdmiFgj1P6XO3V08jq/KYBE69JIa3bN7m4/ZZ5O6vQKts7G8:ScdOhPSO3hnm9m4VOwQKts7G8
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b772b00c5d19b2cd12a7d75e819d1a85_JaffaCakes118
Files
-
b772b00c5d19b2cd12a7d75e819d1a85_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
.nsp0 Size: 300KB - Virtual size: 300KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.nsp1 Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE