Static task
static1
Behavioral task
behavioral1
Sample
fb36801db738152c34071034c25c38c7_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fb36801db738152c34071034c25c38c7_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
fb36801db738152c34071034c25c38c7_JaffaCakes118
-
Size
29KB
-
MD5
fb36801db738152c34071034c25c38c7
-
SHA1
a779bc6936422eaa4e4e148b2b30137e684ce554
-
SHA256
d2a4b2ae272210111564f57111f2dc588bb65dd04170f97a851f761d35c6ade7
-
SHA512
39fe1ea0e75d3f3ecfdf5cf947b31b4c0b38072feeba38efcb23e464e214fe9536f7156d6cba68b273fe13e890556d1bf81add0cb08a5c5c3efa1b2a35f2223f
-
SSDEEP
384:KomOyuLjpMoHpbDxw7ZA8l9ZoA7k+w9GHhmssR0IkR4Inzo6m8m+RRtssIeo/r5d:K1Wjpqjl9x23xInzx9j1wrno6
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fb36801db738152c34071034c25c38c7_JaffaCakes118
Files
-
fb36801db738152c34071034c25c38c7_JaffaCakes118.exe windows:4 windows x86 arch:x86
28c6ef1128d2dc0d513ddf64919b7716
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
GetModuleHandleA
ExitProcess
GetStartupInfoA
GetCommandLineA
HeapAlloc
GetProcessHeap
Sections
.data Size: 26KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.DATA Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ