Static task
static1
Behavioral task
behavioral1
Sample
3deebc449901aa636ea37f9afdce09a8_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target
3deebc449901aa636ea37f9afdce09a8_JaffaCakes118
Size
2.9MB
MD5
3deebc449901aa636ea37f9afdce09a8
SHA1
6cc9019fd8c3702bf6c935267714f56b84d39322
SHA256
9e72dff7cce25047acb94afa840cc58f39088c9b9c1b9b7b91de2ec894d71d81
SHA512
71212f771bd74661eb28f3d5704bbc3bba71ab507ecb8a176f8a1fef65bd1a3dc56a558f93be827e8a47b29a3247cc791f3c5c8929106978c8d55260cf8ca979
SSDEEP
49152:25GxM1/vGppvwIgM9eiiNZfcV5HjO8BSiNfwqLEbssPb9/dPmQPvzg9:cGx8/vQ139+NadjOiNfRKjTnPmQPvzk
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3deebc449901aa636ea37f9afdce09a8_JaffaCakes118
Files
3deebc449901aa636ea37f9afdce09a8_JaffaCakes118.exe windows:4 windows x86 arch:x86
d64316aca8f69e2636ef0af74aba9f34
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
GetACP
Sections
Size: 535KB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 43KB - Virtual size: 346KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 3.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
xyssiool Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
clpvbxuq Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE