Static task
static1
Behavioral task
behavioral1
Sample
d6eab812c1d3cb02169c8ffb4e4e3e0b_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d6eab812c1d3cb02169c8ffb4e4e3e0b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
d6eab812c1d3cb02169c8ffb4e4e3e0b_JaffaCakes118
-
Size
158KB
-
MD5
d6eab812c1d3cb02169c8ffb4e4e3e0b
-
SHA1
a84e3859d72ef68d743608f0a23b69d310e801d3
-
SHA256
b11fc5d183e045e94e0d2e38ee0a2810d9354c3cefef4939f31f790aea3ae3eb
-
SHA512
14881cb763db87999002990b0f8bd59dc5deef49ea680f47e05d8847248b72b49a47aca582e4bffbe8ca3b1f0d2a47b01376b6668339b166273836712f65756d
-
SSDEEP
1536:pd8LabuhFZxmFVBh2n0sUZeaRhdsRxOpQB/QUAqp+o2j/Z:32+BbBMpUZeajLpQB/Tp+o2/Z
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d6eab812c1d3cb02169c8ffb4e4e3e0b_JaffaCakes118
Files
-
d6eab812c1d3cb02169c8ffb4e4e3e0b_JaffaCakes118.exe windows:4 windows x86 arch:x86
09d0478591d4f788cb3e5ea416c25237
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
Sections
.text Size: 39KB - Virtual size: 196KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 118KB - Virtual size: 140KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE