Static task: static1
Behavioral task: behavioral1
Sample: 1713f910b1665190518dc7bbabe4fa73_JaffaCakes118.exe
Resource: win7-20240419-en
General
Target: 1713f910b1665190518dc7bbabe4fa73_JaffaCakes118
Size: 969KB
MD5: 1713f910b1665190518dc7bbabe4fa73
SHA1: fcd84e85e948a5e635b06fc464f70ee52fc1d34e
SHA256: 984839f6b442be7c2d2b47c07d39ee1f445d0f064daba9d42702d7366e0fb5bd
SHA512: 84209d2d354e460ea46d78c913da6f9ab3c97b1633d4877ed3a1f443306331c5415f89880489b6a88e611dd3cd264762dd806517c21bf8a6347e4e5f9a5c1d69
SSDEEP: 12288:kaWzgMg7v3qnCiMErQohh0F4CCJ8lnyC8uy90PXfo/m28GfA6dg0sELW8h4pQ:7aHMv6CorjqnyC8uySXA+GoF+Vh4G
Malware Config
Signatures
AutoIT Executable 1 IoCs
AutoIT scripts compiled to PE executables.
Processes:
resource: sample - yara_rule: autoit_exe
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource: 1713f910b1665190518dc7bbabe4fa73_JaffaCakes118
Files
1713f910b1665190518dc7bbabe4fa73_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 512KB - Virtual size: 512KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 54KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 91KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ