Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_046457cbd394579894127270aafef150.exe
Resource: win10v2004-20250502-en
General
Target: JaffaCakes118_046457cbd394579894127270aafef150
Size: 441KB
MD5: 046457cbd394579894127270aafef150
SHA1: ca7780fa5c9bf129fd0e90b5c02a31a4fd9cc153
SHA256: ae902131766463db3d8a54a584cd6de03bd2ef4c50e57401ad9ad501261f3501
SHA512: 52ae99a65d1a12fe0c90aa7328c1ea687af71896705cfb01c99411bafca0d5d9e67a3e5df2fe0ee032d06ff17146957c4f69107db61ee1a741af3cf61292db60
SSDEEP: 12288:uwQW1NZsM9CZImwOPHVwvLmFn85pXDIL9sTs7N:uwtH4/PdFn8fXDIL9sqN
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_046457cbd394579894127270aafef150
Files
JaffaCakes118_046457cbd394579894127270aafef150.exe windows:4 windows x86 arch:x86
eaeb70564da1e09b8b19a7d2f0f62443
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
ConvertSecurityDescriptorToAccessNamedA
ntdll
RtlIpv6AddressToStringExW
RtlFindClearRuns
shell32
ILFree
kernel32
GetCurrentProcess
GetVersion
user32
GetInputDesktop
Sections
.text Size: 434KB - Virtual size: 436KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 265B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE