Behavioral task: behavioral1
Sample: JaffaCakes118_cd08dfdc86953754670441197e5dc88b41354975457e110dac5c7176b420b33c.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: JaffaCakes118_cd08dfdc86953754670441197e5dc88b41354975457e110dac5c7176b420b33c.exe
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_cd08dfdc86953754670441197e5dc88b41354975457e110dac5c7176b420b33c
Size: 532KB
MD5: b7ab72c5aaea4067d064c49d1d51fcff
SHA1: 73789f08e79ef3eb01ac6d6a797ac6060174199a
SHA256: cd08dfdc86953754670441197e5dc88b41354975457e110dac5c7176b420b33c
SHA512: 1982f63da7186bbb407fdc456dd6b5cbde8b0954188582beef09597f1da0f895a6c03cd3effdbeddef8ec89b25ec754a0ce4f2e7f1ef01f518f5fd2188374d4b
SSDEEP: 3072:WuxVUg3yGDRb8+czuYHFGHSemWemT2wkOuQP+DbaPIDARc1vEvMxgIb:JgORVwn9W9aQuWPkVavsH
Malware Config
Signatures
Guloader family
Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource JaffaCakes118_cd08dfdc86953754670441197e5dc88b41354975457e110dac5c7176b420b33c
Files
JaffaCakes118_cd08dfdc86953754670441197e5dc88b41354975457e110dac5c7176b420b33c.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
  IMAGE_DLLCHARACTERISTICS_NX_COMPAT
  IMAGE_DLLCHARACTERISTICS_NO_SEH
  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 25KB - Virtual size: 25KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 128KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 280KB
  IMAGE_SCN_CNT_UNINITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 80KB - Virtual size: 79KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ