Static task
static1
Behavioral task
behavioral1
Sample
4220e22ae9c0bfa00738d0f71e0c2b81_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4220e22ae9c0bfa00738d0f71e0c2b81_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
4220e22ae9c0bfa00738d0f71e0c2b81_JaffaCakes118
-
Size
349KB
-
MD5
4220e22ae9c0bfa00738d0f71e0c2b81
-
SHA1
85c1b2d86a30343fafa03a7d30b21a5d7161d845
-
SHA256
ed2440599d5f753f4b2bf62cd440a6677d3db4a13fedd9c16f6aec14f2d03bd8
-
SHA512
f8840cce00d081101d4d7527af4b7222ba5506d9a9a0c576d47d496b71fa831652893a45059dfd9468149c96491b90a33fe9a5344b5d54d1649524fc4ef2d712
-
SSDEEP
6144:jO6jGD90R6hW2I6UlUC5LLGqcAOT0egNtAlwYi/ksqAUn/K2RG9QBVaOXEo:jO6mfWcC5LyqcAcUtswn/ksQnC2RXaOp
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4220e22ae9c0bfa00738d0f71e0c2b81_JaffaCakes118
Files
-
4220e22ae9c0bfa00738d0f71e0c2b81_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
.nsp0 Size: - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.nsp1 Size: 335KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.nsp2 Size: - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmp0 Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 532B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ