Static task
static1
Behavioral task
behavioral1
Sample
2c3162a02d6b8538a3560cd587cc3495_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2c3162a02d6b8538a3560cd587cc3495_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
2c3162a02d6b8538a3560cd587cc3495_JaffaCakes118
-
Size
18KB
-
MD5
2c3162a02d6b8538a3560cd587cc3495
-
SHA1
4b4007e7ad81688fa0fdc825a13b1bcab6acb23a
-
SHA256
e1a70e740ec422d9f65f49d1ee50ebe8e979d8d1cf15ba6177f2b8a5ce19d77c
-
SHA512
b9176461136343d4d9385b1ae7fa6d07e3f5c30e15d68dc1200b9870dcae46b47af5464f263dae39a8ff7b674dbcd21dfba4b6a63f4093394b8705cd67e0b9b8
-
SSDEEP
384:nTKppSETwVdCt62w27zKDSjlfo8zonJbpfmT1NYoVzzS:n+pwETwVdCt8enfo8zonJbpf+1Ko
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2c3162a02d6b8538a3560cd587cc3495_JaffaCakes118
Files
-
2c3162a02d6b8538a3560cd587cc3495_JaffaCakes118.exe windows:4 windows x86 arch:x86
37c0608f24ea4f5b69005df26d5dd626
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
Sections
.text Size: 11KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bedrock Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE