Static task
static1
Behavioral task
behavioral1
Sample
c515a556d7cc1fb7a476fb0fb1aadaaa_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
c515a556d7cc1fb7a476fb0fb1aadaaa_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
c515a556d7cc1fb7a476fb0fb1aadaaa_JaffaCakes118
-
Size
705KB
-
MD5
c515a556d7cc1fb7a476fb0fb1aadaaa
-
SHA1
c5690d2abee36e06c2c40dceba693bc7eeeda7be
-
SHA256
4ba67a000526a4abcf098ab1671fae28996f0db56a67bdeb36d2ef653e34c35b
-
SHA512
ceb6047816345ad1767698982d448d48accc1e9b22f0fb7ca9c9233444523531b9ef672041dc73ce6a6b6f22fd7263ca882d6fb19288d0dd726cb7c0eb94a1a2
-
SSDEEP
12288:0J0unggMGIwHJo8spfSPFWHw2Y8ZKk8mZfurZB+n3mfYBkU4f5YNmmh8o:luoG9priSPFWHw2Y8ZK5d22fYBkU4f5q
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource c515a556d7cc1fb7a476fb0fb1aadaaa_JaffaCakes118
Files
-
c515a556d7cc1fb7a476fb0fb1aadaaa_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 637KB - Virtual size: 636KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 67KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ