Static task
static1
Behavioral task
behavioral1
Sample
d3a919b9b2bf8200c4fca3d35cf3a002_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
d3a919b9b2bf8200c4fca3d35cf3a002_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
d3a919b9b2bf8200c4fca3d35cf3a002_JaffaCakes118
-
Size
88KB
-
MD5
d3a919b9b2bf8200c4fca3d35cf3a002
-
SHA1
8cfe1af78a7ba6f0e481f69584d63a27d1f29fe5
-
SHA256
9c1bb20b1613604b0b074f2d9e8e09f73e9907a9320797cc9ac0b5c4b017b36f
-
SHA512
a455073ef91e5bdd70f48a91d388a43e800a8582a3bb8803799bf03028d01db180903a9c4d602241bee43c1830e4f2225a87f4347156725530c9434f96d97100
-
SSDEEP
1536:CsiT1P/fIvQ4W/9RkIDw233EcDyuTj3WQ8MJMBd16zvWGgNGyG1V5/8B:0xf549K3dTaQ87B6pGGVxkB
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d3a919b9b2bf8200c4fca3d35cf3a002_JaffaCakes118
Files
-
d3a919b9b2bf8200c4fca3d35cf3a002_JaffaCakes118.exe windows:4 windows x86 arch:x86
e2e13abec365dd458b52299837ef7cde
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA
msvcrt
strcmp
strcat
calloc
_exit
_XcptFilter
exit
_acmdln
__getmainargs
strcpy
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
strlen
_initterm
Sections
.rdata Size: 582B - Virtual size: 582B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ