Static task
static1
Behavioral task
behavioral1
Sample
bef3c3f2d8f7bb445681b32096c17c97_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
bef3c3f2d8f7bb445681b32096c17c97_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
bef3c3f2d8f7bb445681b32096c17c97_JaffaCakes118
-
Size
13KB
-
MD5
bef3c3f2d8f7bb445681b32096c17c97
-
SHA1
f220a5843acd28cc75ac972dfe58da1806bd3317
-
SHA256
4dbc18df71412fe6c5171a3ba7347d88c2726354eace2ab1e88721c47e058799
-
SHA512
2b9c952538d7f0081ff749a03af247d2b161f13f3ff32a97edf7e61daacacc03c1956fc8c53d998718d89d99b81a90a19d2184e65ae188925f7c72e88fbc8823
-
SSDEEP
192:NfVrgrOUcgFY6SB4B3ytd/fOoNLKu45aeljQfisYko2kylB0xC:l1CZDFYz2dSlKD5pSxrjkylj
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bef3c3f2d8f7bb445681b32096c17c97_JaffaCakes118
Files
-
bef3c3f2d8f7bb445681b32096c17c97_JaffaCakes118.exe windows:1 windows x86 arch:x86
0427358f000ef51e2818d7030d52c21f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFiber
IsBadCodePtr
Sections
.text Size: 2KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 3KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 8KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE