Static task
static1
Behavioral task
behavioral1
Sample
12226179662fa6bcef957e9dd2a1d361_JaffaCakes118.exe
Resource
win10v2004-20240419-en
General
-
Target
12226179662fa6bcef957e9dd2a1d361_JaffaCakes118
-
Size
122KB
-
MD5
12226179662fa6bcef957e9dd2a1d361
-
SHA1
5088ba82251277bbae64e141701b7e108e382208
-
SHA256
95620c450b1349d25157159113e224d4d72fa43cb8b911d07155c1536c9273ab
-
SHA512
5d12c7188b9eb4bd237bb5737e47c013951f47401f5b7b62140ead12a4c985c5e5679099c026a25f2a973f1032841e2624aa0dd9afa48537dea90bb472dcbfd7
-
SSDEEP
1536:fD2+8yAESpdRm7f1UT29QtdrTULSBibgyUSUwpOBAB73jbczb3XYQSIrT5iFpV3c:a+zVSxmpUWwVxyUSUw3BbjbM7ND2s2G
Malware Config
Signatures
-
Unsigned PE 1 IoCs
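Checks for a missing Authenticode signature: the PE file is unsigned. On its own this is a weak indicator, since many legitimate binaries are also unsigned.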
resource 12226179662fa6bcef957e9dd2a1d361_JaffaCakes118
Files
-
12226179662fa6bcef957e9dd2a1d361_JaffaCakes118.exe windows:10 windows x86 arch:x86
18440e88ae4f99bc5dd118a9510d0de2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
gdi32
BitBlt
user32
ord2575
msvcrt
exit
api-ms-win-core-registry-l1-1-0
RegCloseKey
comctl32
ord17
ole32
CoCreateGuid
oleaut32
VariantInit
shell32
SHGetFileInfoW
gdiplus
GdipDrawLine
ntdll
EtwEventWrite
uxtheme
GetThemeColor
dwmapi
DwmRegisterThumbnail
shlwapi
ord348
imm32
ImmDisableIME
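Sections
Note: the .MPRESS1/.MPRESS2 section names, the .MPRESS1 raw size being much smaller than its virtual size, and the sections being both writable and executable are consistent with an MPRESS-packed image. The import list above (mostly one function per DLL) therefore probably describes the unpacking stub rather than the unpacked code.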
.MPRESS1 Size: 52KB - Virtual size: 220KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 65KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE