Static task
static1
Behavioral task
behavioral1
Sample
09.06.2016_Emma-Watson_our-big-party-photo_for-youuuuuuuuuuuuuuu.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
09.06.2016_Emma-Watson_our-big-party-photo_for-youuuuuuuuuuuuuuu.exe
Resource
win10v2004-20240419-en
General
Target: 24f9c3333231d4cd5fb70a246e293cb2_JaffaCakes118
Size: 111KB
MD5: 24f9c3333231d4cd5fb70a246e293cb2
SHA1: 9708f268b6a009ae8b22976f5e1d52c563273937
SHA256: 70d8be98bf498a80c6f9c86cbdc88b72dcf6a529229fee563ff094b0badba3ba
SHA512: 28e6e42ac4effa93b0a3bca8b33894ef7c51e3c4fbf7e2896fe823f441a271b45508600e788e22ead937eeb740521e350bb56bd834afd0636d079fb97495b8b9
SSDEEP: 3072:oBIBXH/d+tk3pcNEv+mP4QfQSDFtZ8tHFii/fy:o8XHlUEv+mxfQk2tNXy
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/09.06.2016_Emma-Watson_our-big-party-photo_for-youuuuuuuuuuuuuuu.exe
Files
24f9c3333231d4cd5fb70a246e293cb2_JaffaCakes118.zip
09.06.2016_Emma-Watson_our-big-party-photo_for-youuuuuuuuuuuuuuu.exe.exe windows:5 windows x86 arch:x86
5e22e2ebe614ea10279316feec4b75b3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kbdro
KbdLayerDescriptor
msvcrt
__crtLCMapStringW
free
malloc
_onexit
??2@YAPAXI@Z
kernel32
GetProcAddress
HeapAlloc
DeleteFileW
LoadLibraryA
GetEnvironmentStringsW
VirtualAlloc
ExitProcess
GetFileAttributesA
FileTimeToSystemTime
GetThreadLocale
FreeEnvironmentStringsW
GetCurrentThread
GetOEMCP
GetProcessHeap
GetSystemTime
SetFilePointer
lstrcmpiW
lstrcmpA
lstrcmpW
InterlockedExchange
HeapFree
advapi32
RegQueryValueW
RegEnumValueW
RegOpenKeyExA
GetLengthSid
RegQueryInfoKeyA
EqualSid
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegEnumKeyExA
OpenProcessToken
RegQueryValueA
RegDeleteKeyW
RegOpenKeyW
RegEnumKeyA
Sections
.text Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 100KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ