Static task
static1
Behavioral task
behavioral1
Sample
1a2e2f0a4bd39cc5354a6afdfcccadf9_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
1a2e2f0a4bd39cc5354a6afdfcccadf9_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
1a2e2f0a4bd39cc5354a6afdfcccadf9_JaffaCakes118
-
Size
27KB
-
MD5
1a2e2f0a4bd39cc5354a6afdfcccadf9
-
SHA1
58547848ed0072732979bf49ff937772fd011983
-
SHA256
9579ccf853d309acb8c5a5a46b980b31380b17e7b3de0268a6c66e40636f83e6
-
SHA512
64be3d5a5a1c744ffb964106ccec67934eb8e18b1684705decaef0ec33a57cdfb08ac7d9eb38804a068c9f0190f612d326f507bebbbfc6502058cff0f8bd7ed5
-
SSDEEP
768:jwJpFHSLyupC2/kPWjWWY/mmS9qRjzfH46uM:jwJpFHSOuopPWjx9qFH46uM
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 1a2e2f0a4bd39cc5354a6afdfcccadf9_JaffaCakes118
Files
-
1a2e2f0a4bd39cc5354a6afdfcccadf9_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
.Upack Size: - Virtual size: 88KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 26KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE