Static task
static1
Behavioral task
behavioral1
Sample
aeca8c25221df8d4e20f5e1a033883a7_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
aeca8c25221df8d4e20f5e1a033883a7_JaffaCakes118
-
Size
306KB
-
MD5
aeca8c25221df8d4e20f5e1a033883a7
-
SHA1
2e75982b3f478ff4ae0e345449830855fb72ba1b
-
SHA256
035a94e56b9744c411314bb8de95d46c23e71c8f268cfe19687d8fc88eb20cda
-
SHA512
b43d50a5a7454a46a134437e2c5282c5f605967083514b10c8eafcd2b8df43dbbb424f0375dacb7dae9d4307a961dff3aea707464eb474aae453eacbbc2b3fe4
-
SSDEEP
6144:UDgycqMPdeNOY7Iq5Uttv8r2eDZeZhnxecgA2qZ+3ZoBuUnsRaD:Ag5deiv8rZZeZh50q+JoBuvq
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource aeca8c25221df8d4e20f5e1a033883a7_JaffaCakes118
Files
-
aeca8c25221df8d4e20f5e1a033883a7_JaffaCakes118.exe windows:4 windows x86 arch:x86
5b2d930f35c4df3955868948c0986274
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
__vbaStrI2
kernel32
GetModuleHandleA
GetProcAddress
Sections
.text Size: - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 972B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE