Static task
static1
Behavioral task
behavioral1
Sample
f5a682ce07f75cc57e55a9e5e13fb904_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
f5a682ce07f75cc57e55a9e5e13fb904_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
f5a682ce07f75cc57e55a9e5e13fb904_JaffaCakes118
-
Size
192KB
-
MD5
f5a682ce07f75cc57e55a9e5e13fb904
-
SHA1
f61811c28eecd9b02142ae45755ff00ade0ec9bc
-
SHA256
4269971ecd869e0df2820338b43a7ecf1080a3fc97826143370323c0cc097b53
-
SHA512
0b5559efad339badd9f18bcb3ab463265099bf2380f76e646e19eb868cddb317caf8282d526f7aeb1d89fc4acd5972d99ed2be7a12201406b8fd1995fc5ad6f1
-
SSDEEP
3072:uQqf970FNTedwBHpTiw0SDctUt6lEMRUjxb4iMH654IauH/ZVAeVGeG2Z/uE:ulFwTeGBHVx04c2gPSjxb4iMH6UuHhVb
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f5a682ce07f75cc57e55a9e5e13fb904_JaffaCakes118
Files
-
f5a682ce07f75cc57e55a9e5e13fb904_JaffaCakes118.exe windows:4 windows x86 arch:x86
22aa25a9dbb99211db866b1a30897dd8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MultiByteToWideChar
GetModuleHandleA
GetFileSize
FlushInstructionCache
GetTickCount
VirtualProtect
GetLastError
GetProcAddress
LocalFree
LoadLibraryA
Sleep
LocalAlloc
ReadFile
VirtualProtect
user32
wsprintfA
wvsprintfA
Sections
wOO tZ-E Size: - Virtual size: 190KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Y(xKmB`1 Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
F' otr,u Size: - Virtual size: 592B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
c.9Dr[k> Size: - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Q=tJucsJ Size: 160KB - Virtual size: 157KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE