Static task
static1
Behavioral task
behavioral1
Sample
25f7a060beeec7a5b952788465db3e8c_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
25f7a060beeec7a5b952788465db3e8c_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
-
Target
25f7a060beeec7a5b952788465db3e8c_JaffaCakes118
-
Size
1.6MB
-
MD5
25f7a060beeec7a5b952788465db3e8c
-
SHA1
616cb6087c9c11107a82d1cdd6d403c3c9cffd18
-
SHA256
08e2899d799d4b103ce73143d8d0cac5803d5a9bd8d75d35624de0a5278df15d
-
SHA512
af9d8834e181cd14a44f4a109d9036fa6d70953e0c987a478634c632783d1b63888116c846d3d25f9b087e7ea45a4ee3ecd5d69686a55bd630c85b3c00379301
-
SSDEEP
49152:0wmG94hUbREXnDKK7XxIx9P0FUhA6lpUKw:XFYUbeXnGK7X0TZw
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 25f7a060beeec7a5b952788465db3e8c_JaffaCakes118
Files
-
25f7a060beeec7a5b952788465db3e8c_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
Size: 106KB - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
lucus Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE