Static task
static1
Behavioral task
behavioral1
Sample
0c39b9a5b87d0658a5d7982ae5e1384b_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0c39b9a5b87d0658a5d7982ae5e1384b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
0c39b9a5b87d0658a5d7982ae5e1384b_JaffaCakes118
Size
5.4MB
MD5
0c39b9a5b87d0658a5d7982ae5e1384b
SHA1
7c233722257ea2e978b1f80b91a6e167384d2ed0
SHA256
e3d58057db9a6487c02b226dfc7d64b9ff5bcb5db9811c2c9252c70aa770c889
SHA512
773d9287309d920c37aa4f3a6f1aa51cc0fd56541943ca12dd23c9316a8aee2f53539c4e94e9a9301a93ab20be0d1c4ccc5f40b587e09adf3eef6edbd44713e3
SSDEEP
98304:gUT2ySf3rwc7eKCy8riedor/IyfjACyfRKhT/1+KZlSmrCZsApHgtgplY8/:5T2yvW0Y/zb84B/VZD/ApHgg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0c39b9a5b87d0658a5d7982ae5e1384b_JaffaCakes118
Files
0c39b9a5b87d0658a5d7982ae5e1384b_JaffaCakes118.exe windows:4 windows x86 arch:x86
baa93d47220682c04d92f7797d9224ce
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
lstrcpy
comctl32
InitCommonControls
Sections
Size: 731KB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.8MB - Virtual size: 3.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
nuwupxzg Size: 916KB - Virtual size: 920KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
snpsgzrt Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE