Static task
static1
Behavioral task
behavioral1
Sample
c0b3e57e705e4d38e6d33fc4e0df0874_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
c0b3e57e705e4d38e6d33fc4e0df0874_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
c0b3e57e705e4d38e6d33fc4e0df0874_JaffaCakes118
-
Size
8.5MB
-
MD5
c0b3e57e705e4d38e6d33fc4e0df0874
-
SHA1
99bb68738185b171a0f8f602899cabaebdf2ca7e
-
SHA256
277c0e35e6e8d8d6b517541a1882ea24a8e4cfefde73f959954dc987c5fc5308
-
SHA512
75d517cffadd8ddb8875c917188827eae46843cf40e319b8aa0a417424132042b7cf58e2c58f3f98e701463d542dac051d8d3dea30ace00ff69b364b62134696
-
SSDEEP
196608:YcBWxVK/0bC40rZHc9FpD2Z1MHRgKZxD1MCuc8g65uby:YcBWG/0D0rZ89DD7HRgMJMbclauby
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c0b3e57e705e4d38e6d33fc4e0df0874_JaffaCakes118
Files
-
c0b3e57e705e4d38e6d33fc4e0df0874_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
.text Size: 3.7MB - Virtual size: 3.7MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 4.8MB - Virtual size: 4.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE