Static task
static1
Behavioral task
behavioral1
Sample
498103d0cf80fb44e8567da4864e9ae0_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
498103d0cf80fb44e8567da4864e9ae0_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
498103d0cf80fb44e8567da4864e9ae0_JaffaCakes118
-
Size
117KB
-
MD5
498103d0cf80fb44e8567da4864e9ae0
-
SHA1
71a74f277581895f742911074865bd9af5fcc429
-
SHA256
da7419e16397539713ae732329309147efadb746e2e4240fcdee0cb73362bf6f
-
SHA512
7b92aece90b266d63c12859c9755d30a2f7ea5b44410a161b30efaafd428eee1afc6f68b83d8a32d96872620df6e71e5645a34840238e62734e0e46effa30b41
-
SSDEEP
1536:EPmxxQ0rbh8odG3LxdDkI+A2UwtjSIaOz/JzMkKKYWHehBM9J9Q9YV/TgwYtDzkm:qmHmod8f2vaOz/FtYWHehw+aTgwY7F
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 498103d0cf80fb44e8567da4864e9ae0_JaffaCakes118
Files
-
498103d0cf80fb44e8567da4864e9ae0_JaffaCakes118.exe windows:4 windows x86 arch:x86
611edc4e49c955e5bdbd10d4d41ca6b5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetACP
DeleteFileA
SetEnvironmentVariableA
LoadLibraryA
Heap32First
CreateMailslotW
VirtualAlloc
CreateFileMappingW
DeleteFileA
GetModuleHandleW
SetFilePointer
GetProcessHeap
GetConsoleAliasW
GetVersion
DeleteFileA
GetConsoleTitleA
GetShortPathNameW
GetStringTypeW
SetCurrentDirectoryA
SetEndOfFile
WriteConsoleW
GetStringTypeW
Heap32Next
msoeacct
DllGetClassObject
ValidEmailAddress
DllCanUnloadNow
GetDllMajorVersion
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data1 Size: 111KB - Virtual size: 111KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 1024B - Virtual size: 544B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ