Static task
static1
Behavioral task
behavioral1
Sample
048ea4ce4289c8249a8230efab4bf0f6_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
048ea4ce4289c8249a8230efab4bf0f6_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
048ea4ce4289c8249a8230efab4bf0f6_JaffaCakes118
-
Size
56KB
-
MD5
048ea4ce4289c8249a8230efab4bf0f6
-
SHA1
faf0c42109805c2c4bcd4fb1aaa9941c96bbed55
-
SHA256
eab3ff7df3ad99e1c44bb0987e52fe1d50119f608b890b0a0fcb34b1e6a152f1
-
SHA512
85c1a3e9e1fc063c36534ecb6c563fba3d6346591504748c421a34457b749a3bebe6d1f6278d4d2837d170fad60f9e8b39944f2b779695148f5f559ea49eba70
-
SSDEEP
1536:7K/7i9jN43F1iZu1SjrCYkzkTur3I8tc8:We9J43FoZuo25g78
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 048ea4ce4289c8249a8230efab4bf0f6_JaffaCakes118
Files
-
048ea4ce4289c8249a8230efab4bf0f6_JaffaCakes118.exe windows:4 windows x86 arch:x86
e82dd51b077167be63c004bed23d0c1e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Sleep
Sections
.text Size: 512B - Virtual size: 14B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 90B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_Natali_ Size: 53KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE