Behavioral task
behavioral1
Sample
JaffaCakes118_d4bc9bcd717b5a62dfea85a687a7b5691f14f43b596674bb995fa5f24d4c3a95.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
JaffaCakes118_d4bc9bcd717b5a62dfea85a687a7b5691f14f43b596674bb995fa5f24d4c3a95.exe
Resource
win10v2004-20241007-en
General
-
Target
JaffaCakes118_d4bc9bcd717b5a62dfea85a687a7b5691f14f43b596674bb995fa5f24d4c3a95
-
Size
488KB
-
MD5
95e48fc149f7ba2d2fcfe6c8e3b448a5
-
SHA1
9e3d6b686d7d4b711afc10f10cb2718be61ed6e7
-
SHA256
d4bc9bcd717b5a62dfea85a687a7b5691f14f43b596674bb995fa5f24d4c3a95
-
SHA512
3632169cbb9f142ab2e8005cff2b2175b20b9ffdb66d5e487873f98e07245defcc4fc1968c1de026aa82f1feb93d55ab33bc8447f524c536aba06f937166c60a
-
SSDEEP
6144:9oCFQ1GkSde3G3vdqXcak5oFfAeGRoglOSKpk3b13bJx+sAOZZsWX5BcZ5Y:9oCqKde3G314caiojGRoaOd+2sfZs
Malware Config
Signatures
-
Remcos family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_d4bc9bcd717b5a62dfea85a687a7b5691f14f43b596674bb995fa5f24d4c3a95
Files
-
JaffaCakes118_d4bc9bcd717b5a62dfea85a687a7b5691f14f43b596674bb995fa5f24d4c3a95.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 331KB - Virtual size: 330KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 92KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ