Static task
static1
Behavioral task
behavioral1
Sample
7a1e33481b7164e593982cc8bca49b83_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
7a1e33481b7164e593982cc8bca49b83_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
7a1e33481b7164e593982cc8bca49b83_JaffaCakes118
-
Size
120KB
-
MD5
7a1e33481b7164e593982cc8bca49b83
-
SHA1
cbeb5da1d01ea56a990943cf27c3698770fe3d84
-
SHA256
ccff91f0cf57fc3901a024eab0a887f3ce63a3224b326c4cb1f284cc3f126b6d
-
SHA512
f1b4abfba68c2ee7a956f81065855809839a2c889382e98240f2851893a2daaf8a22305e98ebcd22ded4edd3d9fd60cde5ff3cc1867605313cd49b0b40a69ec9
-
SSDEEP
1536:uCjGsIaJ4BPgPVLpmPzR5fQp3ER1XYk62HOX5H3GIJbEb1:oszC1k0zvOkrgd2Iqb1
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 7a1e33481b7164e593982cc8bca49b83_JaffaCakes118
Files
-
7a1e33481b7164e593982cc8bca49b83_JaffaCakes118.exe windows:4 windows x86 arch:x86
2f06db1589c8213848061e5e6f29b650
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord583
MethCallEngine
ord591
ord521
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
ord570
ord100
ord613
ord543
Sections
.text Size: 112KB - Virtual size: 108KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ