Static task
static1
Behavioral task
behavioral1
Sample
41d5677b13a114943d2be94203b3f6cd_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
41d5677b13a114943d2be94203b3f6cd_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
41d5677b13a114943d2be94203b3f6cd_JaffaCakes118
-
Size
36KB
-
MD5
41d5677b13a114943d2be94203b3f6cd
-
SHA1
515e887caaf6004a9611b0c2f4efbfaa609a4db3
-
SHA256
e84b76190c364e481937f9eacd4ee6f875c96cc76eede652f568bc885a207192
-
SHA512
2cf1e2a75890ab28ce4668ef39dff113ff7db33675ff18037d564bbf8aeef8be4ae8a6f8299017a09ee2ac81b787f77d965c3a4f99660dd4d61bb19943860702
-
SSDEEP
384:HO3DDcvII9KI4jXL9eFwif7NcSjyl8Ploz2Lx6gUuNjZF:uzoAIsQSif7Nilol/bUuNjZF
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 41d5677b13a114943d2be94203b3f6cd_JaffaCakes118
Files
-
41d5677b13a114943d2be94203b3f6cd_JaffaCakes118.exe windows:4 windows x86 arch:x86
0cba8adffedf41c7b3b967c151315369
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord516
ord631
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord713
ord717
ProcCallEngine
ord537
ord644
ord570
ord648
ord573
ord100
ord616
ord619
ord581
Sections
.text Size: 16KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.heh Size: 12KB - Virtual size: 4KB