Static task: static1
Behavioral task: behavioral1
Sample: f5b5039367a3182973751be830a6bc4b_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: f5b5039367a3182973751be830a6bc4b_JaffaCakes118.exe
Resource: win10v2004-20240412-en
General
Target: f5b5039367a3182973751be830a6bc4b_JaffaCakes118
Size: 180KB
MD5: f5b5039367a3182973751be830a6bc4b
SHA1: 6eb09e03ec092c039af6533f044dc2a37da30d40
SHA256: b982ae0855875dad188eb4136bdefd183d9621b6b92ae4352afa23b866972261
SHA512: 5fa8da001dc805a5f83e6302e632fb3f952a0c9d5b1193f182b9cad01e4987f748876d2365033d78a8c4b2269cc46499a4583268e7dd87b489b7de89b1500d4d
SSDEEP: 3072:qEayApMN603EwMqnmcAq3VFjdMfwNZ+N4Dq6WCEiuND0mHMMPdyQXRzViDr+0g:qEayApMNr0wlnmcAq3Hi4N+4DLDEiiDE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f5b5039367a3182973751be830a6bc4b_JaffaCakes118
Files
f5b5039367a3182973751be830a6bc4b_JaffaCakes118.exe windows:4 windows x86 arch:x86
22aa25a9dbb99211db866b1a30897dd8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MultiByteToWideChar
GetModuleHandleA
GetFileSize
FlushInstructionCache
GetTickCount
VirtualProtect
GetLastError
GetProcAddress
LocalFree
LoadLibraryA
Sleep
LocalAlloc
ReadFile
VirtualProtect
user32
wsprintfA
wvsprintfA
Sections
Eyrr3AvB Size: - Virtual size: 179KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
aj'[Q0(3 Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
,h0A[DvC Size: - Virtual size: 592B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CGi4ff8< Size: - Virtual size: 53KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
H?JVnibm Size: 176KB - Virtual size: 175KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE