Static task
static1
Behavioral task
behavioral1
Sample
37fc57f79ad7172ba29cd255bda04b63_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
37fc57f79ad7172ba29cd255bda04b63_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
37fc57f79ad7172ba29cd255bda04b63_JaffaCakes118
-
Size
63KB
-
MD5
37fc57f79ad7172ba29cd255bda04b63
-
SHA1
16ec761eab5d956e0599d74eda62ca22853e9e92
-
SHA256
d3cc01653df63ebfd6a365932c44ac592bb24adb8799a88cedd5991f52fe8710
-
SHA512
e458f4073ef0148b842c4d4965ddfa8c3d082626f74c97d9ea274d63f06a211671d650eab82fc84c145d79079f6d4ccb5d5d986550e71f319c3ba259123da05c
-
SSDEEP
768:ROalvI5QKedEGn9qeNXalsFHp1fDaAL7X07dsYmTCknHq4OXxAiTqF6:ROaijynylifDaAX07dsYcnnon
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 37fc57f79ad7172ba29cd255bda04b63_JaffaCakes118
Files
-
37fc57f79ad7172ba29cd255bda04b63_JaffaCakes118.exe windows:4 windows x86 arch:x86
30b6482dd497d02c72fb458e89bb2315
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Sleep
VirtualProtect
ExitProcess
Sections
.text Size: 61KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 126B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 559B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE