Static task
static1
Behavioral task
behavioral1
Sample
072e83174cd7f2124bab34f5ea4ed995_JaffaCakes118.exe
Resource
win7-20240220-en
General
-
Target
072e83174cd7f2124bab34f5ea4ed995_JaffaCakes118
-
Size
277KB
-
MD5
072e83174cd7f2124bab34f5ea4ed995
-
SHA1
01936fc7ece2ff9ad6a85096458a6a0e4cf79fe1
-
SHA256
0de390f981d88d0b20e8c34d0ec5398e526458c65f2e6a62d4614f613062763b
-
SHA512
5c233ea3eb01287ef732c58d1046bc7d7297bad929447fca96ed50dc05ec2abcb47a7bacfb559737693934145ec3ddae749d101689bbc2adc819a02c731458f5
-
SSDEEP
6144:RP/8HqObc3dZ9Whv7+OYWgBnEexRYUqD15MIjMGHsiQ/gVGZPphw:RXIq93djk6OYWgBLRTQ1vjhQ/FP7w
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 072e83174cd7f2124bab34f5ea4ed995_JaffaCakes118
Files
-
072e83174cd7f2124bab34f5ea4ed995_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
PEBundle Size: 512B - Virtual size: 320KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
PEBundle Size: 276KB - Virtual size: 292KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE