Static task
static1
Behavioral task
behavioral1
Sample
beb39a83c586e50fac2a2ddecb2f28e6_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
beb39a83c586e50fac2a2ddecb2f28e6_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
beb39a83c586e50fac2a2ddecb2f28e6_JaffaCakes118
-
Size
76KB
-
MD5
beb39a83c586e50fac2a2ddecb2f28e6
-
SHA1
7e9a008f5eb536b9796a7ee00f6fa89ca7680b24
-
SHA256
0047687c2df9759d15faf131c7f6e0e15e0f8bf48b86ac316ab04b004ca154dc
-
SHA512
1ee5e9966f71c8657a170fe9a506f71767926d790eac732737c7553273299d67f021abc0f8a12667fb7c14ad1264828a7c5f24444415ccc609110f8d47faeb71
-
SSDEEP
1536:AHb+rXm5RRD8UFH/IIGQ0d9iD4jElqHKSyNAOJCupjVrs2ryrd1vUQuq6:9XcRR8UFH/IIn0dQkYqqSy2OJCuHs2qo
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource beb39a83c586e50fac2a2ddecb2f28e6_JaffaCakes118
Files
-
beb39a83c586e50fac2a2ddecb2f28e6_JaffaCakes118.exe windows:4 windows x86 arch:x86
a2d1f62c1f1dfd12709dbbd04f383b66
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStartupInfoA
SetFileAttributesW
InterlockedFlushSList
SetCriticalSectionSpinCount
OpenProfileUserMapping
TransactNamedPipe
GetUserDefaultUILanguage
SetSystemTime
GetTickCount
GetNamedPipeInfo
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: - Virtual size: 64KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.brdata Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE