Static task
static1
Behavioral task
behavioral1
Sample
ddbb908b0409fae563734d022797202c_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ddbb908b0409fae563734d022797202c_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
ddbb908b0409fae563734d022797202c_JaffaCakes118
-
Size
17KB
-
MD5
ddbb908b0409fae563734d022797202c
-
SHA1
7dcc36fab5cb7f7003c9167bd72505b81e606a67
-
SHA256
728bba749265dcf64c39f076261c4ca284ede0bf897225e0465239937f567dcb
-
SHA512
33d1f50f3223db1bd3234a3f1b3f7f546102d3028af3592b2e7cb81f222bede4b136207648c172cfe2fd42c5cf912997e7098f621cf44f4577c9e06c802fe770
-
SSDEEP
384:7nuCg99B99p5wm95kIX+bjLaF6gKrrNBNk6K/HY:7uD99JHd6ICaFIY4
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ddbb908b0409fae563734d022797202c_JaffaCakes118
Files
-
ddbb908b0409fae563734d022797202c_JaffaCakes118.exe windows:4 windows x86 arch:x86
f2149d1ec54c499dc9d8bb42c1071984
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntdll
wcslen
_wcsicmp
NtProtectVirtualMemory
NtUnmapViewOfSection
NtMapViewOfSection
memcpy
kernel32
GetProcAddress
LoadLibraryW
GetCurrentProcess
GetModuleHandleA
Sections
.text Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 358B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ