@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo
Overview
overview
5Static
static
329a232/29A#2.js
windows7-x64
329a232/29A#2.js
windows10-2004-x64
329a232/29A#2.vbs
windows7-x64
129a232/29A#2.vbs
windows10-2004-x64
129a232/29A#2.vbs
windows7-x64
129a232/29A#2.vbs
windows10-2004-x64
129a232/29A#2.ps1
windows7-x64
329a232/29A#2.ps1
windows10-2004-x64
329a232/29A#2.vbs
windows7-x64
129a232/29A#2.vbs
windows10-2004-x64
129a232/29A#2.exe
windows7-x64
29a232/29A#2.exe
windows10-2004-x64
29a232/FIL...OC.exe
windows7-x64
129a232/FIL...OC.exe
windows10-2004-x64
129a232/FILES/IAVR.exe
windows7-x64
29a232/FILES/IAVR.exe
windows10-2004-x64
29a232/FIL...EC.com
windows7-x64
29a232/FIL...EC.com
windows10-2004-x64
ANDROID.com
windows7-x64
ANDROID.com
windows10-2004-x64
ANIMO.com
windows7-x64
ANIMO.com
windows10-2004-x64
ANTI-ETA.exe
windows7-x64
ANTI-ETA.exe
windows10-2004-x64
BABYBUG.exe
windows7-x64
BABYBUG.exe
windows10-2004-x64
CABANAS.exe
windows7-x64
5CABANAS.exe
windows10-2004-x64
5CAP.doc
windows7-x64
4CAP.doc
windows10-2004-x64
1CARRIERS.com
windows7-x64
CARRIERS.com
windows10-2004-x64
Static task
static1
Behavioral task
behavioral1
Sample
29a232/29A#2.js
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
29a232/29A#2.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
29a232/29A#2.vbs
Resource
win7-20240220-en
Behavioral task
behavioral4
Sample
29a232/29A#2.vbs
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
29a232/29A#2.vbs
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
29a232/29A#2.vbs
Resource
win10v2004-20240426-en
Behavioral task
behavioral7
Sample
29a232/29A#2.ps1
Resource
win7-20240508-en
Behavioral task
behavioral8
Sample
29a232/29A#2.ps1
Resource
win10v2004-20240426-en
Behavioral task
behavioral9
Sample
29a232/29A#2.vbs
Resource
win7-20240215-en
Behavioral task
behavioral10
Sample
29a232/29A#2.vbs
Resource
win10v2004-20240508-en
Behavioral task
behavioral11
Sample
29a232/29A#2.exe
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
29a232/29A#2.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
29a232/FILES/GETPROC.exe
Resource
win7-20240508-en
Behavioral task
behavioral14
Sample
29a232/FILES/GETPROC.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
29a232/FILES/IAVR.exe
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
29a232/FILES/IAVR.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral17
Sample
29a232/FILES/PEWRSEC.com
Resource
win7-20240419-en
Behavioral task
behavioral18
Sample
29a232/FILES/PEWRSEC.com
Resource
win10v2004-20240508-en
Behavioral task
behavioral19
Sample
ANDROID.com
Resource
win7-20240508-en
Behavioral task
behavioral20
Sample
ANDROID.com
Resource
win10v2004-20240426-en
Behavioral task
behavioral21
Sample
ANIMO.com
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
ANIMO.com
Resource
win10v2004-20240426-en
Behavioral task
behavioral23
Sample
ANTI-ETA.exe
Resource
win7-20240215-en
Behavioral task
behavioral24
Sample
ANTI-ETA.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral25
Sample
BABYBUG.exe
Resource
win7-20240221-en
Behavioral task
behavioral26
Sample
BABYBUG.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral27
Sample
CABANAS.exe
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
CABANAS.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral29
Sample
CAP.doc
Resource
win7-20240508-en
Behavioral task
behavioral30
Sample
CAP.doc
Resource
win10v2004-20240508-en
Behavioral task
behavioral31
Sample
CARRIERS.com
Resource
win7-20240215-en
Behavioral task
behavioral32
Sample
CARRIERS.com
Resource
win10v2004-20240508-en
Target
2b22b271535ff9f8b63912fe48b597c2_JaffaCakes118
Size
1.4MB
MD5
2b22b271535ff9f8b63912fe48b597c2
SHA1
d9c5745854192980375a9e2a15e1fe0c3f1a3684
SHA256
aed5ce71d4dff26c4b257c3a309d5dd2a16950b9ea01da7d2d85a64fd26bdcc1
SHA512
775b442a00fbcfeb3b8a39ba08e89768e13472183d75dcecb93f22e512d88e558b0ba7110e7a44eb19b138135f1fc85e9b31ac32f5afb83040b3b5e22f419766
SSDEEP
24576:+oVFaTadfuHcfvIwneFCVahb7b71DjgzdQTW1aoeeC9t8PiztsGPMkc/A2UR/CrE:+oVFEaVu8Hn/Vahr71DUedMC9t8qzts4
Checks for missing Authenticode signature.
resource |
---|
unpack001/29a232/FILES/GETPROC.EXE |
unpack007/CABANAS.EXE |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
GetStdHandle
EnterCriticalSection
CloseHandle
FreeLibrary
GetCommandLineA
GetCurrentThreadId
CreateFileA
GetFileAttributesA
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetEnvironmentStrings
ExitProcess
GetVersion
GetVersionExA
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
RaiseException
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WriteFile
GetStartupInfoA
MessageBoxA
EnumThreadWindows
@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
ExitProcess
GetProcAddress
GetModuleHandleA
MessageBoxA
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE