Static task: static1
Behavioral task: behavioral1
Sample: 14e10b78c210e71feb7a82c0810091c3_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 14e10b78c210e71feb7a82c0810091c3_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 14e10b78c210e71feb7a82c0810091c3_JaffaCakes118
Size: 108KB
MD5: 14e10b78c210e71feb7a82c0810091c3
SHA1: 6faa3ac0ccfd2dc741ab285c34b7705e62b3dd38
SHA256: 3bd4b08592131b16e3f7e18a15a7a493d9de5b4de78c0c43365182dc5a9a5ba5
SHA512: f1d5cce16e4eb37e472befbdf5c7aef1cb4926fd6fad70a7f8b149bd8b51c73af85aa1907b94e0be00db7b0a1393346f0b5bac55f6555ed30beedfd3100fedf9
SSDEEP: 1536:QFFXgb4ES5Sv6HocQ5gVlsi3qMl+CVu22maMn5QP+Ie/+IMqqBBXeeGyj8NyWCh:AXgea6vCg4rBJPa/+IKGJju
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 14e10b78c210e71feb7a82c0810091c3_JaffaCakes118
Files
14e10b78c210e71feb7a82c0810091c3_JaffaCakes118.exe windows:4 windows x86 arch:x86
3697944a64a62226d23da3306d9467c8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
thumbs .db
MethCallEngine
ord516
ord666
ord595
ord598
ord520
ord631
ord526
EVENT_SINK_AddRef
ord528
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord716
ProcCallEngine
ord645
ord576
ord100
ord616
ord617
ord619
ord580
Sections
.text Size: 24KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE