Static task
static1
Behavioral task
behavioral1
Sample
bd0413712404cc1498d21240dc9b5192_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
bd0413712404cc1498d21240dc9b5192_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
bd0413712404cc1498d21240dc9b5192_JaffaCakes118
-
Size
1.3MB
-
MD5
bd0413712404cc1498d21240dc9b5192
-
SHA1
d70f89dea518cc362b80ee0fec672b94dd4a7c8f
-
SHA256
b34c5e251c8f657028b6fb9e9f87ab0def5f5a2a02c56634848745d58889f814
-
SHA512
06b8d5130334b2016dd7c3169b85f0cac13e9c2c348e1d1f700f2aea07511c104565a16ad252f8c1ca31d5478b2cbb8e015c76c81c5dff6722d7dca74c09090e
-
SSDEEP
12288:yIy/9nKLh0sZzFvGsGYM7khdoGnlp1aoM6loGYOL77ozcUxjlHRr95Ha9KIfKb+y:y/V+rFuso7knDnYRnm7CPbv
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bd0413712404cc1498d21240dc9b5192_JaffaCakes118
Files
-
bd0413712404cc1498d21240dc9b5192_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 8KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: - Virtual size: 16B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 134KB - Virtual size: 134KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ