Static task
static1
Behavioral task
behavioral1
Sample
d0ffaa979318af818b42e34ddec8dee6_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d0ffaa979318af818b42e34ddec8dee6_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
d0ffaa979318af818b42e34ddec8dee6_JaffaCakes118
-
Size
1.7MB
-
MD5
d0ffaa979318af818b42e34ddec8dee6
-
SHA1
989f0ecdde9c54cfd3672fd9a9a96e52b09afe04
-
SHA256
1e0c836d155622df483eb46c6498f4cddf8bef4ca7d44853b49e5f8e1f5b5fb8
-
SHA512
fdefe9aae044c4c7927ff5ee6b9216b74c24324a21e59a44e959cb41c976f56e16771da6a25515bea94b233c6d05d341c55e7d08469e08073cba053ee548c7a8
-
SSDEEP
49152:dNarN4LLCyHW9q5N4LUVNi3lWHm3gLxArsFwAWm:dNarySyGA4LUm3r3g9XF8m
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d0ffaa979318af818b42e34ddec8dee6_JaffaCakes118
Files
-
d0ffaa979318af818b42e34ddec8dee6_JaffaCakes118.exe windows:5 windows x86 arch:x86
5e2c7d7d2ee1b7ecd7154389c58e0a4f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32 winmm
SetErrorMode 3%
Sections
.text Size: 940KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SE Size: 784KB - Virtual size: 784KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SE Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SE Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SE Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ