Static task
static1
Behavioral task
behavioral1
Sample
c033cbbc3f32682db0b5fb2720d23008_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c033cbbc3f32682db0b5fb2720d23008_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
c033cbbc3f32682db0b5fb2720d23008_JaffaCakes118
-
Size
85KB
-
MD5
c033cbbc3f32682db0b5fb2720d23008
-
SHA1
e81c6511224b81439c9ca60479bcfbfa3b70b375
-
SHA256
c91ed889ae8f40017e6f3de3c65c37432dd620fd059ac491de75c3ded21c2fd1
-
SHA512
2ea48b4e0c915625628432db23b20827b0827804fce3592dec36c67dbe421bc944ffe84595a6a2681aae52eed7574ace6b5dacdc8d4d63c6782e4bf6425b676c
-
SSDEEP
1536:tT63upAZD8ff3LSWAh7W4uH9M4hGZ5uW0p8aTZAaXPDf:tT63upRf3L1AM4uxe0Zdd/Df
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c033cbbc3f32682db0b5fb2720d23008_JaffaCakes118
Files
-
c033cbbc3f32682db0b5fb2720d23008_JaffaCakes118.exe windows:4 windows x86 arch:x86
ec3b0222cedc50893427a2c7187aa13b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
malloc
__p__fmode
_initterm
calloc
_setmode
cos
exit
_exit
_onexit
fopen
_XcptFilter
_adjust_fdiv
free
strcmp
_except_handler3
strncmp
abort
__getmainargs
_acmdln
__setusermatherr
fwrite
fclose
__p__commode
kernel32
VirtualProtect
GetModuleHandleW
GetStartupInfoA
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1024B - Virtual size: 636B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 75KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE