Static task
static1
Behavioral task
behavioral1
Sample
02d8ddffa40a52bd5630b58664f8822e_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
02d8ddffa40a52bd5630b58664f8822e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
02d8ddffa40a52bd5630b58664f8822e_JaffaCakes118
-
Size
54KB
-
MD5
02d8ddffa40a52bd5630b58664f8822e
-
SHA1
5c39a7bb9b578514972965785b3df48d7ce0d309
-
SHA256
ab30c7eaf5a4cb1274b71119299503be3c2a4551e712e16be73fe506d34ffdd6
-
SHA512
f5420e465effed584cb0302dec59889852fb518563be124894dc01036c2bb8870dd699367de9e68b7d6a72edb1680b2332d7b9bfca20f032831e1877bbfd84da
-
SSDEEP
768:yeJV08uVsgHgUDpiCqFYVO+1WlC1uxEtYk9cPWfuQdiHIWrwnvXv0wWj:LaCQDDpiC4uO+1lcytyPWfutwnEwWj
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 02d8ddffa40a52bd5630b58664f8822e_JaffaCakes118
Files
-
02d8ddffa40a52bd5630b58664f8822e_JaffaCakes118.exe windows:5 windows x86 arch:x86
09d0478591d4f788cb3e5ea416c25237
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
Sections
.text Size: 44KB - Virtual size: 128KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE