Static task
static1
Behavioral task
behavioral1
Sample
fa678b54bc6dc42ca74ab104203475fe_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fa678b54bc6dc42ca74ab104203475fe_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
fa678b54bc6dc42ca74ab104203475fe_JaffaCakes118
-
Size
951KB
-
MD5
fa678b54bc6dc42ca74ab104203475fe
-
SHA1
151df3753808b3d44b5a5255c820c8b928658c1c
-
SHA256
38e98d7bea3c4297e939f8940dc3c2855caecea427156dbe001ea43d03d4a947
-
SHA512
e893d49a446900fbfda12b1a2540a478132db22214fa849e3d95b7b6b8be6783a4e116e614fcde7afe731323492963219aec0cbd21797905ecea74af5b142af2
-
SSDEEP
24576:SUFa7K4Jy/fVtktVGPrfO/WxvaXUTcLHFpSYiVtktVGPrfO/WX:jqMlSyfO/WxyXukHFISyfO/W
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fa678b54bc6dc42ca74ab104203475fe_JaffaCakes118
Files
-
fa678b54bc6dc42ca74ab104203475fe_JaffaCakes118.exe windows:4 windows x86 arch:x86
d436c55cc61e4d62b21359ff12be3c38
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
msvbvm60
MethCallEngine
Sections
. Size: 675KB - Virtual size: 940KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 140KB - Virtual size: 140KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE