Static task: static1
Behavioral task: behavioral1
Sample: 188153f381a3b62bad11dd2f6ea6b498_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 188153f381a3b62bad11dd2f6ea6b498_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 188153f381a3b62bad11dd2f6ea6b498_JaffaCakes118
Size: 302KB
MD5: 188153f381a3b62bad11dd2f6ea6b498
SHA1: 1468ddf7ad4464c787e216bf3a2f6a8f9e454778
SHA256: 568bb20f086c3b66c94ac2bdc7bff91d5452d118aebe74d81dfdd70633e6ab50
SHA512: 4dd529ba660261eedc5a152dd7cca11a2033440579f273f1edea2ff2ac882b8e6d6962450e29d702ff0e91725f8d407cb8d3d7db2b3b6139737b49f248726686
SSDEEP: 6144:3q3W2JBfvGQopEnL3L+Z4i14RjzgKQQI697orKOYwUiJ+KRH0NNe3:6NopoLKZx1U9QssrswUYRHye3
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
Processes:
resource 188153f381a3b62bad11dd2f6ea6b498_JaffaCakes118
Files
188153f381a3b62bad11dd2f6ea6b498_JaffaCakes118.exe windows:4 windows x86 arch:x86
dae2264e721d7c66f7fa35e864d11aba
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA
Sections
.naked1 Size: - Virtual size: 592KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.naked2 Size: 300KB - Virtual size: 304KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ