Static task
static1
Behavioral task
behavioral1
Sample
1a8c78a129f3205ba9aa2823760a7120_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
1a8c78a129f3205ba9aa2823760a7120_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
-
Target
1a8c78a129f3205ba9aa2823760a7120_JaffaCakes118
-
Size
1.2MB
-
MD5
1a8c78a129f3205ba9aa2823760a7120
-
SHA1
54a4eb42c1b924e9994644cee84c6eb7480255ab
-
SHA256
af86b1bc292a2fd9cc64d56b439e1163207b6e771fe979ae61ea08fb7e1b3b2a
-
SHA512
e24c342afec3f0bf56305950309ab93efaba1001f11a317ddb0002f54d8f7837ef25118e5dbe9cd94c35e924583841c5e5b7102bea519c7740201b15dbe95eca
-
SSDEEP
24576:Q0nVgg8Z0K5Pge4psVZCAu6F3NN+IT1sAsp+3g3k5Ckyums7K:Q0WgfpHX6vN+VAOCWUaH8K
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 1a8c78a129f3205ba9aa2823760a7120_JaffaCakes118
Files
-
1a8c78a129f3205ba9aa2823760a7120_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
.R Size: 512B - Virtual size: 12.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.R Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE