Static task
static1
Behavioral task
behavioral1
Sample
0daa2b13e6a05dbcab59d77b8fa1bf49_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target: 0daa2b13e6a05dbcab59d77b8fa1bf49_JaffaCakes118
Size: 136KB
MD5: 0daa2b13e6a05dbcab59d77b8fa1bf49
SHA1: 0f87d2c6ef0c828da52e6d5f3453c40b8a374e24
SHA256: 7bf8f4abe97ee25bac7b79172f8a171a098bddb7630c1ce69ce594b6de277c6f
SHA512: e692755492abec4196891182ef6f7176a7ba32c0d5f83e90d8df48e6b189f2a345c6b5f9779e0121f198f2ee1d6ed114e3dc10c107c66d3011b78da2633cf8b2
SSDEEP: 3072:7rxTo/TbyCdNvBx2oKRDfBeOv9EHXpvgZpLx3VRz:HxTO5dNJx2jZeOvK3pvgZ/z
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0daa2b13e6a05dbcab59d77b8fa1bf49_JaffaCakes118
Files
0daa2b13e6a05dbcab59d77b8fa1bf49_JaffaCakes118.exe windows:4 windows x86 arch:x86
e41b0986ac2923c3aae4a690a50b22a1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord693
MethCallEngine
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord644
ord100
BASIC_CLASS_AddRef
Sections
.text Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 960B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 112KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ