Static task
static1
Behavioral task
behavioral1
Sample
f11a3c7bd0dfb5c245be24847cf79ce9_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f11a3c7bd0dfb5c245be24847cf79ce9_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
Target
f11a3c7bd0dfb5c245be24847cf79ce9_JaffaCakes118
Size
52KB
MD5
f11a3c7bd0dfb5c245be24847cf79ce9
SHA1
ef3dd9bd0b9fce6967ae94760404ba4c6cf25169
SHA256
8255ec52290b3ef617912de1e31b310c1cae3389eb679b5a794e6879c0bbe72e
SHA512
49a39cf57974ae38d567adbce1b8c49d67ce24a1896d6cfd2b229d990e712257e426d9476fdb1bee2f42113ac0426665dc74aedc3287180cea689810cb1f8c9f
SSDEEP
768:y5tolcmtNFfcC6+f5RIWxN/B43J8OlyL1Ib5w22UwSbxutbf02Wg+:y5to6Grf/dRI05B4ZFq922UdQ5f5W5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f11a3c7bd0dfb5c245be24847cf79ce9_JaffaCakes118
Files
f11a3c7bd0dfb5c245be24847cf79ce9_JaffaCakes118.exe windows:4 windows x86 arch:x86
79111bb052ff9976d30be54f592fe831
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
EnumResourceLanguagesW
ExitProcess
ReadFileEx
RtlFillMemory
SetThreadPriority
TlsGetValue
WriteFileGather
advapi32
CryptDestroyHash
CryptDuplicateKey
CryptEncrypt
CryptSignHashA
GetSecurityDescriptorSacl
IsTextUnicode
RegLoadKeyA
RegOpenKeyW
RegSetValueA
SetFileSecurityW
SetNamedSecurityInfoA
SetSecurityDescriptorDacl
user32
FlashWindow
GetClipboardFormatNameA
GetDlgItemTextA
GetMenuInfo
HiliteMenuItem
LoadImageA
RemoveMenu
TrackMouseEvent
shell32
DllGetVersion
DoEnvironmentSubstW
ExtractIconExA
RealShellExecuteExA
SHFileOperationA
SHFileOperationW
SHGetDataFromIDListW
SHUpdateRecycleBinIcon
SheRemoveQuotesW
ShellAboutA
ShellExecuteEx
Sections
.text Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 49KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE