Static task
static1
Behavioral task
behavioral1
Sample
154e8fdca45e2371a56bf8cd85358d2f_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
154e8fdca45e2371a56bf8cd85358d2f_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
154e8fdca45e2371a56bf8cd85358d2f_JaffaCakes118
-
Size
52KB
-
MD5
154e8fdca45e2371a56bf8cd85358d2f
-
SHA1
62ba8147524061aed744bd5dc4c66dba5ba89c37
-
SHA256
dee4bc1b73fe226baeeecc2dc6a7661bc031361c728aebdb366b7678e4f1a7cd
-
SHA512
b47f035cdc44d943db062da29b1a3bed4b417e1e23bf5d5aeb867d609d153c0291030526f478fc15d79864459ef8e619ae3bd0d5450095d48636391070cc3243
-
SSDEEP
768:8+AObw06ClYt6xMgR9YqOwfdGDIhmYFp5vciqO02/88:01ClYtzQFciq92/88
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 154e8fdca45e2371a56bf8cd85358d2f_JaffaCakes118
Files
-
154e8fdca45e2371a56bf8cd85358d2f_JaffaCakes118.exe windows:4 windows x86 arch:x86
7345f9497130be252852f565608edfb2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetTickCount
GetTempPathA
Sleep
GetCurrentThreadId
ExitProcess
GetProcAddress
CloseHandle
WriteFile
CreateFileA
GetModuleFileNameA
LockResource
SizeofResource
LoadResource
FindResourceA
GetModuleHandleA
user32
PeekMessageA
PostThreadMessageA
wsprintfA
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BY �� Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bedrock Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE