Static task: static1
Behavioral task: behavioral1
Sample: 8eb2020f1d3c549da4b6076341fa032f_JaffaCakes118.exe
Resource: win7-20241010-en
General
Target: 8eb2020f1d3c549da4b6076341fa032f_JaffaCakes118
Size: 1.1MB
MD5: 8eb2020f1d3c549da4b6076341fa032f
SHA1: 9ead9c8b3fce65bd6ea30da4a401fac8425e8d0b
SHA256: 2abc906f7f08fb8a8d9eb9bdba17fc99a4c914dee6b24680175703c38d2e4a5f
SHA512: 71b61a111fb825e91c236ff7c4d654631fa142f68ebbc86560d1f70ebd141cc3b39af8316dd5fe0a436d1205c6b7040e97a44512c5601429883f9fa8f5eb1a22
SSDEEP: 24576:CaHMv6CorjqnyC8rMtBYp/MPHcOMgvf+QeS6v:C1vqjdC8rMtSVMvcOkQgv
Malware Config
Signatures
AutoIT Executable 1 IoCs
AutoIT scripts compiled to PE executables.
Processes:
resource: sample, yara_rule: autoit_exe
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource: 8eb2020f1d3c549da4b6076341fa032f_JaffaCakes118
Files
8eb2020f1d3c549da4b6076341fa032f_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 512KB - Virtual size: 512KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 54KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 37KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ