Static task
static1
Behavioral task
behavioral1
Sample
db3c18579d6f0119bb29ef09f3544aa9_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
db3c18579d6f0119bb29ef09f3544aa9_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
db3c18579d6f0119bb29ef09f3544aa9_JaffaCakes118
-
Size
726KB
-
MD5
db3c18579d6f0119bb29ef09f3544aa9
-
SHA1
9571d3447b172f98b0a8b57ed5bf8cc9834f0f6b
-
SHA256
4a03f172ee3d72f5481ccbe71f7bc08c6fff38fa2ce9dc294da3273fb79a1609
-
SHA512
2a9c48aa320a05ce01bb2bcc7af7f359005011dc1f29a169d677cd89c68dced999c1fd0cbe66fee88f60a69eca48e5c767da041f60f2d7f50aa05275a7af9109
-
SSDEEP
12288:5na9xiZIAg9LzPax0hjvu6jSrCKTkBEUFJB4+qRZtcvS38LCJQBtdGs1rBLsJ:5naTeSdzPax0BuOS5TkBX4+WkS3rJQBw
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource db3c18579d6f0119bb29ef09f3544aa9_JaffaCakes118
Files
-
db3c18579d6f0119bb29ef09f3544aa9_JaffaCakes118.exe windows:1 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 37KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 1024B - Virtual size: 588B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 3KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: - Virtual size: 8B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ