Static task
static1
Behavioral task
behavioral1
Sample
3ee5d418d109de62c1b9b020fbe8c114_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3ee5d418d109de62c1b9b020fbe8c114_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
3ee5d418d109de62c1b9b020fbe8c114_JaffaCakes118
-
Size
6KB
-
MD5
3ee5d418d109de62c1b9b020fbe8c114
-
SHA1
cf579457e63e9b605c73ee2e02861f38c172be7d
-
SHA256
12ce37ca74127b9855ab8eb56207d6b6c12010af1e871bb7748edade99ddac78
-
SHA512
bc5d0026dcd5b64af56e452d82e694bffb0288d566bbc8a7cee875997dbb38156a4f0c8b0ead344dc55573d659931d95c345c973aa208d942ae758feb29ef065
-
SSDEEP
96:mfLc98/bGspaxG2X78EIutt9Irs5h6u+u7A7TLcbDUDi55CRS:mfLc96naxPAitn5h6u+u7AWDUDYkRS
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3ee5d418d109de62c1b9b020fbe8c114_JaffaCakes118
Files
-
3ee5d418d109de62c1b9b020fbe8c114_JaffaCakes118.exe windows:4 windows x86 arch:x86
c24c5bf2bbad1a8dd90cfddd281ee207
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Sleep
wsock32
socket
ioctlsocket
htons
sendto
WSACleanup
WSAStartup
gethostbyname
msvcrt
rand
_XcptFilter
__p___initenv
_controlfp
printf
exit
perror
malloc
puts
atoi
__setusermatherr
_exit
_adjust_fdiv
_initterm
__getmainargs
__set_app_type
__p__fmode
__p__commode
_except_handler3
Sections
.text Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE