Static task
static1
Behavioral task
behavioral1
Sample
3b0a00c115ab91c70263b836f22e4ef1_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
3b0a00c115ab91c70263b836f22e4ef1_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
3b0a00c115ab91c70263b836f22e4ef1_JaffaCakes118
-
Size
160KB
-
MD5
3b0a00c115ab91c70263b836f22e4ef1
-
SHA1
74c6f0ad32a1a00818e075b51c54da3e2fccb42d
-
SHA256
f7df27bca0394e6444320e648d5745689d220389a8ee71f0707f77f44397dfd6
-
SHA512
c6a027f2a1553acdcd2a2df7cededad401392698b82c48a650dad3356eacebdb9058c59476287f13d16b3dd6f6f60bf0951ece6b476a172101a1e94c24d090a0
-
SSDEEP
3072:r3NmvQ67uM6mCru+CEmDROT3F2Lyl6ENIAhJpvKh8gpjFF6u:RmYsuU1EmDRO74m6mjW8+jFX
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3b0a00c115ab91c70263b836f22e4ef1_JaffaCakes118
Files
-
3b0a00c115ab91c70263b836f22e4ef1_JaffaCakes118.exe windows:4 windows x86 arch:x86
f234410a71be624e1e2e13225bce3fe1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
__vbaStrCmp
kernel32
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess
Sections
.text Size: - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
���ٸ��� Size: - Virtual size: 137KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
.tls Size: 4KB - Virtual size: 24B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
���ٸ��� Size: 148KB - Virtual size: 146KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE