Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_315aca4b6d1a204e78df914bf7e588ba.exe
Resource: win7-20240729-en
General
Target: JaffaCakes118_315aca4b6d1a204e78df914bf7e588ba
Size: 668KB
MD5: 315aca4b6d1a204e78df914bf7e588ba
SHA1: 5211436ba2464ab3482aef7bc921f26246b1182c
SHA256: de2f0931ac8324a64e41caf6ba7cc63e46cb30853725194668aed67bd4eaff23
SHA512: 769c263bed2c7df8ebbdcf8d312290c645859454437ab6a9aa24a07836dc1ac6dc45d74238664f479bb115b28d327113cbe8fa705d5c28b6be452c9f984fa92b
SSDEEP: 12288:31dHwD+vgEphGYMg1lYPkoBJKrK3o4OYaHPP88oCqpvw9I:3cDgbMg1lYPSrK44OTHgOI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_315aca4b6d1a204e78df914bf7e588ba
Files
JaffaCakes118_315aca4b6d1a204e78df914bf7e588ba.exe windows:4 windows x86 arch:x86
9a957ab8431180c393f29dedb3586e7c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA
msvbvm60
ord621
Sections
pec1 Size: 5KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE