Static task
static1
Behavioral task
behavioral1
Sample
e16199c012c51d9d0163ce2e028b7d2c_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e16199c012c51d9d0163ce2e028b7d2c_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
e16199c012c51d9d0163ce2e028b7d2c_JaffaCakes118
-
Size
549KB
-
MD5
e16199c012c51d9d0163ce2e028b7d2c
-
SHA1
b95b1b52d0d7cb0ba4004394c4f8326eb1de70e9
-
SHA256
1fd528993a8852b60084a7c28364460dc430c810122e63d9319e8aded2526a12
-
SHA512
71b2326ed73dfa1367bb4b67b18d7b207af2024135ea75f321b86c49640545a9512cb8df8a006da39650780a6cbbae5055202f4b1f78e3d591a6f90ff039fecd
-
SSDEEP
12288:OwccqEoKBsZuB/LRdNBRbzeIgbd3BKsG:OBMoKBlTR3XbCIuTKs
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e16199c012c51d9d0163ce2e028b7d2c_JaffaCakes118
Files
-
e16199c012c51d9d0163ce2e028b7d2c_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 112KB - Virtual size: 111KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 6KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: - Virtual size: 12B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ