Static task
static1
Behavioral task
behavioral1
Sample
2b6fe5c490a00b888791b8b7ba590240_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2b6fe5c490a00b888791b8b7ba590240_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
2b6fe5c490a00b888791b8b7ba590240_JaffaCakes118
-
Size
397KB
-
MD5
2b6fe5c490a00b888791b8b7ba590240
-
SHA1
c0fe35d2e68cff4326adccc714472faa123ec9d1
-
SHA256
d8e1e1c3b38d895ca72a0b0a0ead41a7860bb2528d3cb758590f281f10da0306
-
SHA512
8a0902c9febb4e6e6c5944a24f496e1d523aab44afd5a925f1d1717ea265e1e6c6e0a1fc92d1849fc711fcd76ab9e6d058bcab5b541f34d9eda6b95684da4186
-
SSDEEP
12288:2MCDo8a+IIZO8k/inLrYdhDW8yODWWpO6te:nx8a+ISkwEIeaWIWe
Malware Config
Signatures
-
Unsigned PE 1 IoCs
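The static check found no Authenticode signature on the file. Many benign executables are also unsigned, so this is a weak indicator on its own.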
resource 2b6fe5c490a00b888791b8b7ba590240_JaffaCakes118
Files
-
2b6fe5c490a00b888791b8b7ba590240_JaffaCakes118.exe windows:4 windows x86 arch:x86
1baa5820e47f48744e28f7d70ae5cd05
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CallWindowProcA
msvbvm60.dll
MethCallEngine
ord593
ord594
ord709
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord717
ProcCallEngine
ord644
ord645
ord648
ord570
ord681
ord685
ord100
ord616
Sections
.text Size: 48KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
?data (first character of the section name could not be decoded; possibly .data) Size: - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE