Static task
static1
Behavioral task
behavioral1
Sample
d504cddb9f4b943417ae1742d9724536_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d504cddb9f4b943417ae1742d9724536_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
d504cddb9f4b943417ae1742d9724536_JaffaCakes118
-
Size
2.6MB
-
MD5
d504cddb9f4b943417ae1742d9724536
-
SHA1
3e76a1477ef95cc512416d32ad7c1182f90aa43f
-
SHA256
c0ce22fb1ad63003e4a4298f70caa934a52e1f64f507f0bc5e9602a4164767db
-
SHA512
fdce1e15470529648dd99f1cf1d3938bf290288a0b18a9cdf10e9d866c14011bb907890bce0d8ad0c9a823ca68571c2080b8ac7d5afeebefeeb97db2308dff56
-
SSDEEP
49152:VMjlJ7WZ/AEQ3RXufXChSGNE95idoh8yxbw9sVjk:VSJ7a/PQ3RWCdahR2s2
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d504cddb9f4b943417ae1742d9724536_JaffaCakes118
Files
-
d504cddb9f4b943417ae1742d9724536_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
.nsp0 Size: - Virtual size: 5.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.nsp1 Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.nsp2 Size: - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE